urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Submission: On October 31 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 123 IPs in 19 countries across 120 domains to perform 565 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
37 151.101.65.44 54113 (FASTLY)
4 7 192.96.203.13 30633 (LEASEWEB-...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
8 23.97.225.52 8075 (MICROSOFT...)
23 185.165.240.175 49981 (WORLDSTREAM)
6 2a00:1450:400... 15169 (GOOGLE)
3 5 2620:116:800d... 16509 (AMAZON-02)
3 151.101.129.44 54113 (FASTLY)
16 185.106.33.48 200478 (TABOOLA-AS)
7 11 37.157.6.237 198622 (ADFORM)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
8 12 37.252.171.85 29990 (ASN-APPNEX)
1 18.195.81.68 16509 (AMAZON-02)
7 51.89.9.252 16276 (OVH)
19 52.213.237.149 16509 (AMAZON-02)
1 184.30.21.51 16625 (AKAMAI-AS)
1 2 34.241.26.2 16509 (AMAZON-02)
5 19 172.64.151.101 13335 (CLOUDFLAR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
10 104.22.68.131 13335 (CLOUDFLAR...)
3 6 145.40.97.66 54825 (PACKET)
3 35.186.253.211 15169 (GOOGLE)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3.72.190.56 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
39 2a00:1450:400... 15169 (GOOGLE)
3 3 23.197.120.249 16625 (AKAMAI-AS)
12 88.221.169.246 16625 (AKAMAI-AS)
15 35.71.131.137 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
10 11 54.93.103.174 16509 (AMAZON-02)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 190.2.150.148 49981 (WORLDSTREAM)
1 133.186.12.16 10010 (TOKAI TOK...)
7 141.226.228.48 200478 (TABOOLA-AS)
15 23 69.173.144.139 26667 (RUBICONPR...)
1 10 2a00:1450:400... 15169 (GOOGLE)
1 167.235.184.171 24940 (HETZNER-AS)
3 7 2a05:d018:d29... 16509 (AMAZON-02)
2 2600:1f18:24e... 14618 (AMAZON-AES)
1 2620:1ec:21::14 8068 (MICROSOFT...)
15 20 172.217.16.194 15169 (GOOGLE)
2 5 52.94.223.167 16509 (AMAZON-02)
2 5 52.46.151.131 16509 (AMAZON-02)
6 6 52.214.19.144 16509 (AMAZON-02)
1 172.64.146.152 13335 (CLOUDFLAR...)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
3 3.67.250.230 16509 (AMAZON-02)
2 2 52.23.134.172 14618 (AMAZON-AES)
1 2600:9000:225... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 190.2.151.7 49981 (WORLDSTREAM)
1 2600:9000:225... 16509 (AMAZON-02)
4 5 3.75.62.37 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 222.230.178.132 2519 (VECTANT A...)
2 2a02:26f0:c6:... 20940 (AKAMAI-ASN1)
1 2602:803:c003... 26667 (RUBICONPR...)
1 1 193.135.9.129 48314 (IP-PROJECTS)
1 1 217.79.187.68 24961 (MYLOC-AS ...)
9 2800:3f0:4001... 15169 (GOOGLE)
2 35.186.215.140 15169 (GOOGLE)
1 185.84.60.23 198622 (ADFORM)
10 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:e... 396982 (GOOGLE-CL...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
2 142.250.185.226 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.27.7 16509 (AMAZON-02)
4 8 34.98.64.218 396982 (GOOGLE-CL...)
1 151.101.1.108 54113 (FASTLY)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 3 76.223.111.18 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
2 54.73.51.1 16509 (AMAZON-02)
1 2 89.149.192.76 60781 (LEASEWEB-...)
3 23.211.9.91 16625 (AKAMAI-AS)
6 2600:9000:21d... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
4 52.205.208.143 14618 (AMAZON-AES)
2 2 216.52.2.39 32475 (SINGLEHOP...)
3 216.52.2.6 30282 (AS-INAPCD...)
6 6 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 3 193.0.160.131 54312 (ROCKETFUEL)
1 1 69.166.1.67 27630 (AS-XFERNET)
3 3 3.211.39.212 14618 (AMAZON-AES)
4 4 188.42.34.65 7979 (SERVERS-COM)
1 1 2.18.160.23 16625 (AKAMAI-AS)
6 6 34.194.166.122 14618 (AMAZON-AES)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 3.127.123.183 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
2 2 13.32.110.110 16509 (AMAZON-02)
2 3 35.244.174.68 15169 (GOOGLE)
1 2 34.255.45.168 16509 (AMAZON-02)
4 4 64.202.112.31 23352 (SERVERCEN...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
14 34.247.233.198 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
2 2 52.6.69.62 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 4 185.86.139.104 201081 (SMARTADSE...)
2 3 141.95.32.69 16276 (OVH)
3 185.64.190.78 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 211.120.53.200 4694 (IDCF IDC ...)
5 14 185.64.190.79 62713 (AS-PUBMATIC)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
12 22 198.47.127.205 62713 (AS-PUBMATIC)
2 2 95.101.54.203 20940 (AKAMAI-ASN1)
1 52.49.194.113 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
4 5 34.246.239.231 16509 (AMAZON-02)
1 1 35.214.201.206 15169 (GOOGLE)
1 2 151.101.130.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
1 173.231.180.197 32475 (SINGLEHOP...)
2 2 213.155.156.180 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.242.204 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
2 3 18.202.86.19 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
3 198.47.127.20 62713 (AS-PUBMATIC)
2 2 98.98.134.243 21859 (ZEN-ECN)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 4 168.119.72.236 24940 (HETZNER-AS)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 1 8.2.108.175 46636 (NATCOWEB)
1 87.248.100.137 34010 (YAHOO-IRD)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 2a02:2638:3::6 44788 (ASN-CRITE...)
1 35.205.65.172 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.55.120.196 24940 (HETZNER-AS)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 51.222.80.231 16276 (OVH)
565 123
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
21    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
37    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
7    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
agent.aralego.com
5    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
17e731cbde43e73ebd1ddb84bea4691d.safeframe.googlesyndication.com
4eef6f00ceaed3acf2e359b9bcdfe3a9.safeframe.googlesyndication.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
23    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.vidverto.io
6    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
11    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
dmp.adform.net
cm.adform.net
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
12    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    18.195.81.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-81-68.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
19    52.213.237.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
2    34.241.26.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-26-2.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
19    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
10    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
6    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    3.72.190.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-190-56.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    2600:9000:211a:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
39    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    23.197.120.249 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-120-249.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
15    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
11    54.93.103.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-103-174.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    190.2.150.148 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-150-148.hosted-by-worldstream.net
ad.vidver.to
1    133.186.12.16 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p016.net133186012.broadline.ne.jp
js.genieessp.com
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
23    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
10    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
7    2a05:d018:d29:3602:b6d5:6b91:e46f:a747 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2600:1f18:24e6:b901:33b0:541:cb9a:ca14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
20    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
cm.g.doubleclick.net
5    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    52.214.19.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-19-144.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    3.67.250.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-250-230.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    52.23.134.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-134-172.compute-1.amazonaws.com
sync.ipredictive.com
1    2600:9000:2251:8c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
4    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    190.2.151.7 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-7.hosted-by-worldstream.net
cdn.vidverto.io
1    2600:9000:2250:4800:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
adx.holmesmind.com
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    222.230.178.132 (Hadano, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
ialaddin.genieesspv.jp
2    2a02:26f0:c6::210:6568 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
1    2602:803:c003:200::67 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    193.135.9.129 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    217.79.187.68 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm42.as.net
cm.adsafety.net
9    2800:3f0:4001:831::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
1    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
10    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
10    2606:4700::6811:c96e (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:400a:8::6 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
rr1---sn-1gieen7e.googlevideo.com
1    2606:4700::6810:407e (United States)

ASN13335 (CLOUDFLARENET, US)
shared.bannerflow.com
1    13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net
public.servenobid.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    54.73.51.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-51-1.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    89.149.192.76 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
3    23.211.9.91 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-91.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2600:9000:21dd:e200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
4    52.205.208.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-208-143.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.39 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    216.52.2.6 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    3.211.39.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-39-212.compute-1.amazonaws.com
ssp.disqus.com
4    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
6    34.194.166.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-166-122.compute-1.amazonaws.com
i.liadm.com
2    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    3.127.123.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-123-183.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
2    13.32.110.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-110.vie50.r.cloudfront.net
live.rezync.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    34.255.45.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-45-168.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
14    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
2    52.6.69.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-69-62.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
4    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    141.95.32.69 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl
wt.rqtrk.eu
ws.rqtrk.eu
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
1    211.120.53.200 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
14    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
22    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    95.101.54.203 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-203.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    52.49.194.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-194-113.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    34.246.239.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
a.audrte.com
1    35.214.201.206 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 206.201.214.35.bc.googleusercontent.com
csync.loopme.me
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
2    213.155.156.180 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.242.204 (France)

ASN16276 (OVH, FR)
PTR: bixel-10.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
3    18.202.86.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
4    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
2    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
1    35.205.65.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.65.205.35.bc.googleusercontent.com
cookiesync.api.bliink.io
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
3    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
63 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
sync.taboola.com — Cisco Umbrella Rank: 1322
am-wf.taboola.com — Cisco Umbrella Rank: 17326
930 KB
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
634 KB
62 googlesyndication.com
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
17e731cbde43e73ebd1ddb84bea4691d.safeframe.googlesyndication.com
4eef6f00ceaed3acf2e359b9bcdfe3a9.safeframe.googlesyndication.com
541 KB
45 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image8.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
43 KB
42 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
99 KB
28 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
505 KB
20 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
11 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
16 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
14 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
ads.yap.yahoo.com — Cisco Umbrella Rank: 18467
geo.yahoo.com — Cisco Umbrella Rank: 1552
9 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
42 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
287 KB
12 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
4 KB
12 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
adx3.adform.net — Cisco Umbrella Rank: 59130
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
6 KB
11 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
11 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
u.openx.net — Cisco Umbrella Rank: 659
eu-u.openx.net — Cisco Umbrella Rank: 2753
2 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 2926
ssp-sync.criteo.com — Cisco Umbrella Rank: 1269
10 KB
10 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8923
128 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
7 KB
10 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
17 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
977 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
4 KB
7 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
agent.aralego.com — Cisco Umbrella Rank: 278968
4 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
3 KB
6 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
6 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
3 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
800 B
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
355 KB
5 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
5 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
5 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
82 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
1 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 648
57 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
d.turn.com — Cisco Umbrella Rank: 1384
2 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
69 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
spl.zeotap.com — Cisco Umbrella Rank: 3274
1 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
1 KB
3 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1674
ws.rqtrk.eu — Cisco Umbrella Rank: 3851
932 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
866 B
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
992 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
3 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
11 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
313 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
743 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
772 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
679 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
913 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
1 KB
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4186
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
757 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 105045
20 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
505 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
911 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
7 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
179 KB
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 bliink.io
cookiesync.api.bliink.io — Cisco Umbrella Rank: 10511
174 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
496 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
276 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
282 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
554 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
226 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
841 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
343 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
623 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
465 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 bannerflow.com
shared.bannerflow.com — Cisco Umbrella Rank: 481089
63 KB
1 googlevideo.com
rr1---sn-1gieen7e.googlevideo.com — Cisco Umbrella Rank: 259839
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
2 KB
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 22807
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31114
823 B
1 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
643 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 866767
870 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
501 B
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
647 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
4 KB
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
257 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
634 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
493 B
1 bg3.co
www.bg3.co
static.bg3.co Failed
19 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
565 120
Domain Requested by
39 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
www.bg3.co
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
23 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
21 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
www.googletagservices.com
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
agent.aralego.com
20 cm.g.doubleclick.net 15 redirects www.bg3.co
googleads.g.doubleclick.net
g2.gumgum.com
adpushup-d.openx.net
19 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
eus.rubiconproject.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
imasdk.googleapis.com
16 il-trc-events.taboola.com www.bg3.co
15 match.adsrvr.org www.bg3.co
imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
cdn.adpushup.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
csync.smilewanted.com
adpushup-d.openx.net
14 image8.pubmatic.com 5 redirects cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 pixel.rubiconproject.com 10 redirects www.bg3.co
14 images.taboola.com www.bg3.co
14 cdn.taboola.com www.bg3.co
cdn.taboola.com
13 simage2.pubmatic.com 9 redirects ads.pubmatic.com
12 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
am-match.taboola.com
www.bg3.co
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
11 x.bidswitch.net 10 redirects imprammp.taboola.com
10 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
10 pubads.g.doubleclick.net imasdk.googleapis.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.bg3.co
9 image2.pubmatic.com 3 redirects ads.pubmatic.com
9 csi.gstatic.com imasdk.googleapis.com
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 ib.adnxs.com 4 redirects cdn.adpushup.com
www.bg3.co
acdn.adnxs.com
8 e3.adpushup.com www.bg3.co
7 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
7 ssum-sec.casalemedia.com 3 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
7 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
7 pr-bh.ybp.yahoo.com 3 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7 onetag-sys.com cdn.adpushup.com
ad.vidverto.io
public.servenobid.com
csync.smilewanted.com
6 i.liadm.com 6 redirects
6 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
6 match.prod.bidr.io 6 redirects
6 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
6 prebid.a-mo.net 3 redirects cdn.adpushup.com
www.bg3.co
6 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
s0.2mdn.net
5 a.audrte.com 4 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 ups.analytics.yahoo.com 4 redirects am-match.taboola.com
5 cdn.vidverto.io www.bg3.co
5 s.amazon-adsystem.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
ads.pubmatic.com
adpushup-d.openx.net
5 track.adform.net 2 redirects www.bg3.co
cdn.taboola.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
5 cdn.aralego.net www.bg3.co
ads.aralego.com
adx.holmesmind.com
agent.aralego.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 s.yimg.com ad.sitemaji.com
s.yimg.com
adx.holmesmind.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 us-u.openx.net 2 redirects adpushup-d.openx.net
4 secure.adnxs.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 ads.betweendigital.com 4 redirects
4 cs-server-s2s.yellowblue.io public.servenobid.com
ads.pubmatic.com
4 www.google.com tpc.googlesyndication.com
4 s0.2mdn.net imasdk.googleapis.com
www.bg3.co
s0.2mdn.net
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 creativecdn.com 3 redirects
3 idsync.rlcdn.com 2 redirects ssum-sec.casalemedia.com
3 ssp.disqus.com 3 redirects
3 p.rfihub.com 3 redirects
3 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 match.sharethrough.com www.bg3.co
public.servenobid.com
cs-server-s2s.yellowblue.io
3 secure-assets.rubiconproject.com 3 redirects
3 rtb.openx.net cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 sync.aralego.com 2 redirects ads.aralego.com
3 34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com securepubads.g.doubleclick.net
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
3 trc.taboola.com cdn.taboola.com
3 region1.google-analytics.com www.googletagmanager.com
3 ads.aralego.com 1 redirects ads.aralego.com
agent.aralego.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 am-wf.taboola.com vidstat.taboola.com
2 ssp-sync.criteo.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ws.rqtrk.eu 2 redirects
2 ads.stickyadstv.com 2 redirects
2 ads.playground.xyz 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 live.rezync.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 d.turn.com 2 redirects
2 ad.turn.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 googleads4.g.doubleclick.net www.bg3.co
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 ad.sitemaji.com adx.holmesmind.com
securepubads.g.doubleclick.net
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 fonts.gstatic.com ad.vidverto.io
2 sync.ipredictive.com 2 redirects
2 pixel.tapad.com 1 redirects www.bg3.co
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 dis.criteo.com 2 redirects
2 fonts.googleapis.com cdn.taboola.com
securepubads.g.doubleclick.net
2 prebid.smilewanted.com cdn.adpushup.com
2 cdn.jsdelivr.net cdn.adpushup.com
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 eu-u.openx.net adpushup-d.openx.net
1 cookiesync.api.bliink.io csync.smilewanted.com
1 cm.adform.net 1 redirects
1 geo.yahoo.com adx.holmesmind.com
1 ads.yap.yahoo.com s.yimg.com
1 us.ck-ie.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 visitor.omnitagjs.com 1 redirects
1 u.openx.net 1 redirects
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 www.youtube.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 match.deepintent.com g2.gumgum.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 4eef6f00ceaed3acf2e359b9bcdfe3a9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 shared.bannerflow.com c.bannerflow.net
1 rr1---sn-1gieen7e.googlevideo.com
1 yt3.ggpht.com
1 mug.criteo.com
1 audiencedata.im-apps.net dmp.im-apps.net
1 agent.aralego.com 1 redirects
1 adx3.adform.net imasdk.googleapis.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 beacon-ams3.rubiconproject.com www.bg3.co
1 ialaddin.genieesspv.jp www.bg3.co
1 sync.taboola.com am-match.taboola.com
1 vidstatb.taboola.com www.bg3.co
1 adx.holmesmind.com pagead2.googlesyndication.com
1 live.primis.tech www.bg3.co
1 capi.connatix.com www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 17e731cbde43e73ebd1ddb84bea4691d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 inv-nets.admixer.net ad.vidverto.io
1 imprammp.taboola.com vidstat.taboola.com
1 pixel.quantserve.com www.bg3.co
1 js.genieessp.com www.bg3.co
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 grid.bidswitch.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 static.bg3.co Failed www.bg3.co
565 204
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-11-26		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
feebee.com.tw
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-11-15		 2 months crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-11-15		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-09-26 -
2024-03-20		 6 months crt.sh
*.api.bliink.io
GoGetSSL RSA DV CA		 2023-05-22 -
2024-06-21		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 111 frames:

Primary Page: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Frame ID: 314464B73D325F119F653531716B3612
Requests: 201 HTTP requests in this frame

Frame: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 84FF140945D3607B98F8A61B2A36C80D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm374Je2eSX6T2PtaDqFVXFbrpoNsPup2OkECIisZYQKzmq2ZZcT3b3Lc_lPALGR2OrH-syEY6GmYbgD6-EUDNX5DLZ5DJE_obMuK8BDpRIRkocUrUsupkOfjTbkZRSHBFJXW4tCxiltWbyb6IHJKlGwirLabmZeqZfjAKQ20aaPtSADSEoI1KukuQ4XOhFA57C2LErjGhwPU9OBcBrzvZwZ2DHrG9BjHx5CKXAEv3Ao8FmBbQLK8gyCA2KBZREg98rmK8ZJHn_RNvrsSjVy6Ri4SZqM2UBijFvwBF-Zl_wWJHBeqQ8jOPnuMiVkW4tAM3zA&sai=AMfl-YSXSCx013jgSmTWSjO8-HSCNrRlBzvjcJOvd80kDcewieMLQNnxEsviS-CSIueGW9ihY79SKEPMGpgU5ailVaRfSG5A7LHJdeXXF6b-gsaHrobRH3BtDjmMFD8pn2QKJPBDey7gbcShSg9UhzGb&sig=Cg0ArKJSzC8SI8Dd-kJdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BCAF13F09D4DBDF74ED8B81455DC5C82
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 6D7C8B69CF01E4418F40868CE61B12D4
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6DB6B8796B201C02495590B077340127
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 72189604E68D953E456804F4609FBBBE
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 0F1048AA9243CB7E1A898C0DE286ED57
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: B843C99FE8F317FBE2D16745AE9D47EF
Requests: 1 HTTP requests in this frame

Frame: https://js.genieessp.com/t/550/967/a1550967.js
Frame ID: 1A62FF73623F4353D025292574B281E7
Requests: 6 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&cmcv=&pix=undefined&cb=1698764065265&uv=3351&tms=1698764065265&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1f533941-5c70-46b6-b2d8-9196c476c9ec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: EA44D7E746F91CE50713E0FDCC132901
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F4C9A9777FA4157D9CD52E5561375F29
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: B1A479D8C86101AAA2ECCD5741BB0109
Requests: 1 HTTP requests in this frame

Frame: https://17e731cbde43e73ebd1ddb84bea4691d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0D97833F0C703D3BF0FD4C4EBC1414B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: DA112D081D91B9D37488773CD525EB7C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: 35DF6D7688CA82178C777B456D7C8407
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DF25CE01E41F830357DC34A0590274C1
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 35E4FF37E9A284B1EF4FA4921D0BE5DA
Requests: 4 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 061C3A9153D6ACFAC397F390EB1D25F9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E7419EB286B0EB7615F0023AE4789B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F26BC070999E62B4DC785A121FFD103
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNz-OHvgLMmKnMv-T0pvRZkIf1b4yHSBqCEJV5AU9CuctJVzLpm6WBmbX_GxLU59Ih3Hv7gW-_Fw_mX6ZGaDUwbqFIq61jYZwg_1CSXnIGuc0PKg-kDAtoLnSGC1aa3HWk3828E4cc1hl1zorcQa6-lzd2szxz3ESZJW653ifkeLGn9PTb0TRRFZTUdRbc9AZ0k-2ZHmaGTmbOa391S6P2ZAsM2owEL2jT1BjRhQ2lixt05ctdJGN5KOk8mfmq0WiTq0cDKeR4NjK3UqBH8fs2X7jLQ1lff2vi4w2IYRKdqA9BHEGC-3zSzq73p964A21k7CbbbEcDmeKPaaVXa6g-6vNlpX-3ew&sai=AMfl-YRhB8qEV3DUoAX844ShShVu-XAEGmxvcfEeJe1ttNBaMxhO70uCLM9OSrIXCV8wl2WtJy9yheXasTrQCOH128iBvrgNeEevET6q1Ddg3ySRDT2iUACXXgNSOn0VIgk&sig=Cg0ArKJSzM08cD5Qlr4MEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 17E7160F0810F37D661C20C16656BBF3
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNW16ik6LFxyLfHrGKBVzZ1RyR-TVJDxg2dKgfxCR2RlNH2UcRcnrOH2x_1UeHlZZs-j9B_erUv1jn4liMaj8P2tPM69Gw
Frame ID: 05B76F0C4127062E8BAC496196B6FF02
Requests: 3 HTTP requests in this frame

Frame: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ACA717F5C73758384536F7F00D8D35EB
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: D74059D2B441E28C8F7145D49E8503C3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E5C4EFE09AE71512064F3CA95AAC05CE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Frame ID: 10262F18A957A47A9FDF429978A6C125
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F2F8C5EEF4161167DD9A022EB41004BF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Frame ID: 9ADDCA7478DE9DBBBAA43E7025BB389C
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Frame ID: C25E793DEEF235E3B191C4B8899D569D
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9DDE6C620221630D605705744D7E225C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: A1D795137AD802DBF99C285CED4A43EB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B29842AA7F69B58CA13516B2849E765A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23115E3F92E4E9978A1FEA15FDBA50AD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B3B1D6EECB7BCD57AEBD2360F39CC6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25CC1B859C8F1ED2C6A839BF31AA4E22
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DB97C4972AE9756B257FC3EBE2833B94
Requests: 6 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/2d7de2f6-431a-4c83-9653-5e82085482e6
Frame ID: 03465903F6B3D5776DFECE49C8011AC1
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: 36B2EE145942A28A10AC104600FDF367
Requests: 4 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: 1C172A565BC8C3FB51261EA2B2959F33
Requests: 1 HTTP requests in this frame

Frame: https://4eef6f00ceaed3acf2e359b9bcdfe3a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 928225D2C20A90DC1FFDB7F9D48F17A7
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: C540591741D2BFA1D88964CE29748A2A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 39353AFA1FFAD41C21BC9986D02AE584
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 5CDC02729B21851CC9539441B0C05B00
Requests: 13 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: 10B346DB4C4F71B9167BBF1CC0033F73
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1698764064962
Frame ID: D7B011D3B94835E024B937B1782C8AD9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 0F9C26DD67BF39D4BFD4B1F721AB7FFF
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1998931AE48C9AB35F87CA4F40E32545
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0B2CEDB08B166F6E82E743A528A64BC0
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: F57C7D5CB8EF388E7780B143CE3B3531
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 10276028979830E7040C3D6043DF1085
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 929A661A261669F7B72E08561885F1A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6819563878C95864BBF4485DD4DB4288
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 2260A5B9B427AA3A032739144B074DC9
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: BB8BBC3F3031013FCD30D35C61208AE0
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 9599DA85A9D9F2A3F3AE97C008BC7DBA
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: C190515D17B3C226725E56E719A8E68A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 65AB3D837C95742A9B27B9E13068DD75
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 931AD67C5F1F471D977D6395FC5AA264
Requests: 23 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 45E51FC6F1B03E66C20CA0F6EE993F2F
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: ECB4F123F6FDF216BC89E22CA9F74088
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 150941D221647B35101162183B6ACD66
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6A934E78B974A36CEBAA95C2FE42C78F
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp9dAM4_pV9m-OH-NxBrPABIfXvrJlC-61kpBcWkPLkI1jUnXCvijdOHxM6SjKXCrbwWHkQfZUoO1FhLVvg49--wB4uuzLePtfcyfthavFQhykzd7bkrf8QhxKah-z7Cxfa0Ql-65BT0zQLZrSq4uP3YOlu88BQMzaM4KZzmx0Cwo5v202ZBL7ogsGVftYhhZRRG6Z-jXxI0eX5XcV_EaXHLQy7N1iuxybU-iS97PBBp3bgrAhPA-pcpYVYV4guij5lCUZJ0Tykz9l-_sDWdlWvXsqynMdOTpDgGtv1lNcgrZEeRdlfiQ3BcTJN1n4EvECoTWDckSn2pyCwu2Xj7t-ezogqdPpvKnf988H3hPEnQ&sai=AMfl-YRCiw7n6na8iyxxiplbHz1-p7EU4O7oqm3a8IkSItGaHGCRebjV4ZEmtP1m4j_KIHcnpqaoTXK1C4wUMBEF_PgQBSRYLnuTUdwMAQ&sig=Cg0ArKJSzGJNFWVZ1njJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6D01C19D81D6051B32A6A2592A3D2AFB
Requests: 12 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=3765797799554591622&gdpr=0&gdpr_consent=
Frame ID: 6C5AB42135247F3A492E6AFAC9E84266
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: EE27DB90ADCBED0DC8E39D74A874A549
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZjNhODkyZS03NDc2LTQxM2QtOGJiOS02NDIzNGQ0ZDgxODU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 20D8F3FB4D5364BDCEBA7057C706ABDC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: CC45FC0074A1319EA7E8A6B20F736453
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: D8D687FC2B97669092FE7511A555735F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZUEVJsCo5s8AADDHjtEAAAAA
Frame ID: C281CC5DDF659FC839059647EE6C38C8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RmUd31MLs7eUvNzo6Awi&pi=gumgum
Frame ID: 3362DAF564F43D024F0B874870DCA580
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 52E06965A147A095C9E3CF0D975EEB8D
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 1098033BB7A8B9E5708C5B5EED3D4E26
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: C96EA3436ADFB6A9072E7D4B94E7A619
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: D9F52FAA5E1C038470C87B8C14B7E560
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: DC82B811D27AA1B8F10491309DE12BCE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453&redir=true&gdpr=0&gdpr_consent=
Frame ID: 85D2BAB52F313980B06D1E3E5AACCC19
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs
Frame ID: 7CBF57E9C90C6A9B12F65316CEB5BB4D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2447243403012636083&gdpr=0&gdpr_consent=
Frame ID: A8A6BC7B74BCA7C1323EFCE7FE671457
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Frame ID: C0F03F30EE37FBCAD2F2CD0CF53B34D5
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 0F3A4DD84E9BE9C794AB77612897B047
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 06ED10938822D0A5806C426F24F0B6CA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 71F2FCCD8623DC1903AA3AD4E28890A7
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUEVJQAAQw9o3gBH
Frame ID: 2E3AB45900A949ABFA78CE52409D3231
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 42F01120A4C9F022D8B6329139395119
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E73CE443F2E5CBC2054B3E1D0A03ED53
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Frame ID: BA0B15465B41E7906B0B551299E06F5A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 98F48684E3B2B176BBA62DAB447DB38E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2DD8E7716917DBFB651ED5BD6E57383B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 8B0272ACE9C21C96B68D838B74EB63C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928013254505
Frame ID: 40EEE1752429C02ABCADABBC8663B3FD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C8528CCC8D5E5F0B9D4951F928F8A80B
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 9B5E85F608EAAE5D317A37B5925547EE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRnMVjgSjbTVUSgng&gdpr=0&gdpr_consent=
Frame ID: 8DEB1CFD12131DFE3750C99CE54D51E4
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Frame ID: CB88B23D9021DB514734296A2D949384
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2447243403012636083&gdpr=0&gdpr_consent=
Frame ID: 1BE95B4FF44D0B186AA63F27C0FE3156
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8966135194
Frame ID: 58702A5364896DEF63026684AF165D4F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/48237484-3cf0-5230-bbe4-d491dea5c1b4
Frame ID: A8AE068CD4FAB1DC080A349DD02125A1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64800e60d36c11fe0f0ab3f8954851400cd5b0b7725554801b5d041414a71b22
Frame ID: 20A294A00CB69ABD8DC581D9393FE29D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3765797799554591622
Frame ID: 86F3E24C6CE5383332012E3A6BAA96BB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-kaPJVqtCQrZO7B5GJ7L-_xeUIV0xTukt9P0jng
Frame ID: C2F3D14EBFFF3A65EA24C3217C39C92F
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: FEBE8733D1290E1D9954B166AE059A5C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/fadb51c9341f022911b67d771ee3e63?gdpr_consent=&gdpr=0
Frame ID: C8F2A27E813BD78134B3936AAC0C612F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=
Frame ID: B0F72211DBFFCE52CA9F1DD5B62051CC
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 8D9D0C9B03B7B348C9E514E5E215657A
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 91AB403C27A7D749C2B3C9729D243DBA
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 9947EE61D97596339358E0AA82C4D7CA
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F8B91C3A901A19B9C110C53EBC546095
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6763817689
Frame ID: 2CC69C2F3A31DA5A082BEC7272139023
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Frame ID: 84AB367894C0D7A5A66AA9E3FBBBBE3D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Frame ID: BB49F595B934A0D015BD644AA68211B9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Frame ID: 632E7FF36E251948929FAF489477DA69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

想提升男性魅力?找咩聊天、老同學敘舊...睾固酮狂飆 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

565
Requests

79 %
HTTPS

29 %
IPv6

120
Domains

204
Subdomains

123
IPs

19
Countries

5421 kB
Transfer

22914 kB
Size

198
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 78
  • https://track.adform.net/adfserve/?bn=68607215;1x1inv=1;srctype=3;ord= HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=68607215;1x1inv=1;srctype=3;ord=
Request Chain 80
  • https://track.adform.net/adfserve/?bn=68607217;1x1inv=1;srctype=3;ord=[timestamp] HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=68607217;1x1inv=1;srctype=3;ord=[timestamp]
Request Chain 125
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 126
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 148
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=c0ecd9ed-b270-41a5-8fd9-076e26c977a5&p_id=23
Request Chain 149
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=85136c70-477c-470d-8197-ff16ffd78f18&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=85136c70-477c-470d-8197-ff16ffd78f18&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-IY2hAKtCQrZO7B5GJ7L-_xeUIV3R-uEJxUR-0w&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&p_id=15
Request Chain 174
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOEG9HJE-1C-LMHU HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOEG9HJE-1C-LMHU HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 183
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOEG9HJE-1C-LMHU
Request Chain 185
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9FRzlISkUtMUMtTE1IVQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBbJs4nATJLoE2GMBRGbv6g&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FRzlISkUtMUMtTE1IVQ==&google_push=
Request Chain 186
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2hnRiMMoScaHj897ietwNA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2hnRiMMoScaHj897ietwNA
Request Chain 187
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/riviOlqTweI9Rj-YXnlBbcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Vsjx95E2oJ_JhsP_uWM70tggz3R18K98sz59w--~A
Request Chain 188
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2bWjgWsLRfuHyJv0h9Q4Tw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2bWjgWsLRfuHyJv0h9Q4Tw
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKu9xCqesCbrxdDDHB5nEwg&google_cver=1
Request Chain 190
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjE0NGYxYTU0Y2ZjN2FkOTYzZjZmNDViMTc0NTFlMWEyZGE5ODdmMw
Request Chain 191
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC5dU7KgioAABfIVHASlA&expires=30
Request Chain 192
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LOEG9HJE-1C-LMHU
Request Chain 193
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOEG9HJE-1C-LMHU
Request Chain 194
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LOEG9HJE-1C-LMHU&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 195
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOEG9HJE-1C-LMHU HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOEG9HJE-1C-LMHU
Request Chain 196
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOEG9HJE-1C-LMHU
Request Chain 197
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d6a7516a-d2a5-410b-987c-9f507af44a7c&expires=30
Request Chain 198
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOEG9HJE-1C-LMHU
Request Chain 214
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1698760465&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698764065083&bpp=334&bdt=719&idt=875&shv=r20231026&mjsv=m202310250101&ptt=5&saldr=sd&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&correlator=3439827716239&frm=23&ife=1&pv=2&ga_vid=941611089.1698764064&ga_sid=1698764066&ga_hid=1838184214&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3493&biw=1600&bih=1200&isw=336&ish=280&ifk=166588410&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079086%2C31079232%2C44798934%2C44805934%2C31078297%2C31079177%2C31079294&oid=2&pvsid=1818925047080155&tmod=569547398&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.onfsmget6g0z&btvi=1&fsb=1&dtd=892 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 221
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wYJZAspE2oSKW.53xYwFeX2BTPpjHwaPJz36Vw--~A
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEOMzE050TmBN0Wo4vEQrMm0&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEOMzE050TmBN0Wo4vEQrMm0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=1758f9500c97766912b06a3c40ff96ce&uid=1758f9500c97766912b06a3c40ff96ce&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 272
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 319
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=N7hEBnx0bDNiYWR0WC9pdlJRVHpwR09KUjJsaWlDdVNpaVlhSzdoT3NSVlh2aFNVTnAxa0VZejl6aGd2QjdBMVp5eWUrb0YwZGxFeE1pcDZpZGdHdmd4dVRHcm1NZTdLZ3VaRjdNREVPMlh6TTEvWGdJcHo3eFNYbW8wNUsvSnJSc2IrTUJWVzF1Y0N6NGNHcWxzVk9RSlRyazYyNEI4cUdVZnExeWxRdFUxalpuMUNjU3kxMzhmdmg1U1VBZmwzYUhBTmdGakpBbUdnVllxd2h2WU93N3VTb0RIV0ZQZXNuVTdJRUZMNVFwVkhXYXJXY014NHdUdHJ4VncvbDY1OXV2Wkhia2orNG9penZUalA4dUVOWlBZcnRSZz09fA&cppv=2
Request Chain 371
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 389
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 390
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 395
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2447243403012636083
Request Chain 396
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HlBevRZHFUfbqa7HQBikmzIX
Request Chain 398
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698764069233 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3106374019 HTTP 302
  • https://sync.1rx.io/usersync/turn/3376923166007774755?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e5f4efd-420e-44fb-a41e-0d169105e820-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003
Request Chain 399
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084928013254505
Request Chain 400
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=2bf8ccb3-b355-488e-bda3-83693e025ff1
Request Chain 401
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 402
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
Request Chain 403
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYyAgYgOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYyAgYgOAE=&buyeruid= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYyAgYgOAI=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYyAgYgOAI%3D&gdpr=&gdpr_consent=&us_privacy=&crf=1&rts=6132762705890305557 HTTP 302
  • https://ssp.disqus.com/match?bidder=32&buyeruid=48237484-3cf0-5230-bbe4-d491dea5c1b4&r=Cid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYyAgYgOAI= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-0ba4538e-8ca4-38b4-9085-cbb0be76a916
Request Chain 404
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
Request Chain 406
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 408
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 413
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
Request Chain 414
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUEVJUQS5JXaHCYGXqdF4wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
Request Chain 415
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUEVJfR4DtR.Kbmzt7gnpAAA%265134&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUEVJfR4DtR.Kbmzt7gnpAAA%265134&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d04c8cdf01d74d1284361104ea40cac3 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3376923166007774755 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 417
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_1c872633-0ef4-413a-858e-87b62aa39aa0&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=&gdpr_consent=&us_privacy=
Request Chain 418
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB
Request Chain 419
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2447243403012636083
Request Chain 420
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e992795b38b5450cbf7a9471e0b1c6d9&expiration=1701356069
Request Chain 422
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=33876c72972345c4944ba937d75e249f HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3376923166007774755 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=33876c72-9723-45c4-944b-a937d75e249f HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=febba5ac-38b2-4c04-8156-fea2350cb746%3A1698764070.429616&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfebba5ac-38b2-4c04-8156-fea2350cb746%253A1698764070.429616%26_%3D1698764070.4317338&cb=1698764070.4317667 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928013254505&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfebba5ac-38b2-4c04-8156-fea2350cb746%253A1698764070.429616%26_%3D1698764070.4317338 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=febba5ac-38b2-4c04-8156-fea2350cb746%3A1698764070.429616&_=1698764070.4317338 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZmZWJiYTVhYy0zOGIyLTRjMDQtODE1Ni1mZWEyMzUwY2I3NDY6MTY5ODc2NDA3MC40Mjk2MTYQABoNCKaqhKoGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEL8argvBwO-joRcqbCtLiQY&google_cver=1
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUEVJUQS5JXaHCYGXqdF4wAAFK0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
Request Chain 426
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
Request Chain 427
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 428
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUEVJUQS5JXaHCYGXqdF4wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
Request Chain 429
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RmUd31MLs7eUvNzo6Awi&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&tc=1
Request Chain 433
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2447243403012636083
Request Chain 434
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6f3a892e-7476-413d-8bb9-64234d4d8185&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=7b44d321-9916-49e6-832f-875b04695654&ssp=gumgum2&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 435
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=d5e25f35-3b73-4b86-bc76-6ba1d73afb09
Request Chain 436
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48$ip$195.206.105.130
Request Chain 437
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-NYjMk6JE2pfpHmxXkvc8aUg0bShFoIe3T4VK~A
Request Chain 438
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=d6a7516a-d2a5-410b-987c-9f507af44a7c
Request Chain 440
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6f3a892e-7476-413d-8bb9-64234d4d8185&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_6f3a892e-7476-413d-8bb9-64234d4d8185&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=v4fffpB6rU08YIjKlodd&gdpr=0&us_privacy=1---
Request Chain 441
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=DPWjjnhlS1Ij&ev=1&pid=558355
Request Chain 442
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4357037334949060290
Request Chain 445
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4357037334949060290&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 446
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2447243403012636083&gdpr=0&gdpr_consent=
Request Chain 447
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC5dU7KgioAABfIVHASlA&partnerid=127&gdpr=0
Request Chain 448
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=SUPwgE5D9oBSRPSGTRLpiU4X89NSQPWGSEUJZMCQ
Request Chain 459
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=3765797799554591622&gdpr=0&gdpr_consent=
Request Chain 469
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUEVJsCo5s8AADDHjtEAAAAA
Request Chain 470
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RmUd31MLs7eUvNzo6Awi&pi=gumgum
Request Chain 471
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 474
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2447243403012636083 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 475
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 476
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=bb861941-6cf4-4c84-a395-62bb5f6970aa
Request Chain 477
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b0ce368651a755b519f599af3a952f7e
Request Chain 478
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3442246116530153603786
Request Chain 479
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
Request Chain 481
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=fadb51c9341f022911b67d771ee3e63&gdpr_consent=&gdpr=0
Request Chain 483
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2447243403012636083 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 487
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 489
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs
Request Chain 490
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2447243403012636083&gdpr=0&gdpr_consent=
Request Chain 491
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296136119996512409&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Request Chain 492
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/get?gdpr=0&gdpr_consent=&p=1017871179&r=https://ws.rqtrk.eu/push?pid%3D30036f87-064a-40e2-82e0-38cacebdccad%26uid%3D$UID%26tr%3D0 HTTP 302
  • https://ws.rqtrk.eu/push?pid=30036f87-064a-40e2-82e0-38cacebdccad&uid=c3brbZGjPxCQPa6FBfm9MJ8oA&tr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=a6f0cba5-9e58-455b-92d2-0b2260d1b377&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 493
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=knAKLyoyX0tzy3brmzysSMPOaYI&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 494
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 495
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUEVJQAAQw9o3gBH
Request Chain 496
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNWRVN0tnaW9BQUJmSVZIQVNsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAC5dU7KgioAABfIVHASlA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC5dU7KgioAABfIVHASlA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC5dU7KgioAABfIVHASlA&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 497
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUcd7d83846cbc4bf7bbcd2f4622650f8d HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 498
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Request Chain 501
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3774270476419636622 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 502
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928013254505
Request Chain 505
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9ef5ca8c17568aea/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRnMVjgSjbTVUSgng%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=71f2983ac7677acd3b9726cceb7f1ba3&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRnMVjgSjbTVUSgng%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRnMVjgSjbTVUSgng&gdpr=0&gdpr_consent=
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oB90xlcURbGOn7ahJePkUw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 508
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=&ct=y
Request Chain 509
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1502487348
Request Chain 510
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzNiSTZ4NU1nQzBUcDZMamliLVl2WktXdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3765797799554591622&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTAxRjc0QzYtNTcxNC00NUIxLThFOUYtQjZBMTI1RTNFNDUz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 512
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMppDb6C35J4XVXiHbL-HmE&google_cver=1
Request Chain 514
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3765797799554591622 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Request Chain 517
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YZ8s9FhE2uWZLDxrTyb0IeMHqhTFkRY-~A&gdpr=0
Request Chain 518
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=bcac1c91-5988-42c1-b9e2-49bb8fc304d7-65411525-4348&gdpr=0&gdpr_consent=
Request Chain 519
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3376923166007774755&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 520
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=571e0c8e1cc31615&is_secure=true&networkId=17100&version=1&nuid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIICPG5F7edANf8NXlAAAAAAA&expiration=1698850469&nuid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 521
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:20e14219-bc79-4aa9-acbb-38c1d5f70d98&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 523
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2447243403012636083&gdpr=0&gdpr_consent=
Request Chain 525
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8966135194
Request Chain 526
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=8445765279022348259 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/48237484-3cf0-5230-bbe4-d491dea5c1b4
Request Chain 527
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOEG9HJE-1C-LMHU HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LOEG9HJE-1C-LMHU
Request Chain 528
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64800e60d36c11fe0f0ab3f8954851400cd5b0b7725554801b5d041414a71b22
Request Chain 532
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3765797799554591622
Request Chain 533
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=8726y19tb2pmSUdMMm5RJTJGSHhQJTJGSTdjek42S082QktDUVd5Z0Y1ZTRKJTJCT2ZBcUZDSGZ4UG9YSTAlMkY1Y0hkczVpMnAlMkJhcEJSa1RoOUVhSkcyQnhSdHczRlM5VHEzZVRwdjVYYWU5a2FKYiUyRlVUUkFId1RYVlY1enpGdmRybXVDYmJDRFRrancwQWs3ZHJrQzRMV1JHbEJUMjYwJTJCY2hsR2J1MHBoZ1RDMXNuWE50Mm96Z0lUQ1JnNjlNblg5Yk5rZWJNVDJoRA&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-IY2hAKtCQrZO7B5GJ7L-_xeUIV3R-uEJxUR-0w HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=8726y19tb2pmSUdMMm5RJTJGSHhQJTJGSTdjek42S082QktDUVd5Z0Y1ZTRKJTJCT2ZBcUZDSGZ4UG9YSTAlMkY1Y0hkczVpMnAlMkJhcEJSa1RoOUVhSkcyQnhSdHczRlM5VHEzZVRwdjVYYWU5a2FKYiUyRlVUUkFId1RYVlY1enpGdmRybXVDYmJDRFRrancwQWs3ZHJrQzRMV1JHbEJUMjYwJTJCY2hsR2J1MHBoZ1RDMXNuWE50Mm96Z0lUQ1JnNjlNblg5Yk5rZWJNVDJoRA&u=9b45e93c-af27-4e01-ba3b-f5b8983d2c33 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-kaPJVqtCQrZO7B5GJ7L-_xeUIV0xTukt9P0jng
Request Chain 536
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/fadb51c9341f022911b67d771ee3e63?gdpr_consent=&gdpr=0
Request Chain 538
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOEG9HJE-1C-LMHU HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LOEG9HJE-1C-LMHU
Request Chain 539
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yO_BKM_vxyjT6MUuzL7YIc-7wnvT7MQuyelompXv
Request Chain 540
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3765797799554591622
Request Chain 544
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEaMBBJLhVFHAD-polHuEnc&google_cver=1
Request Chain 560
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 563
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2DCA60587CCB4E3CA2C521D7AD5406E9&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 564
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6763817689
Request Chain 567
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A01F74C6-5714-45B1-8E9F-B6A125E3E453&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A01F74C6-5714-45B1-8E9F-B6A125E3E453&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 568
  • https://pixel.onaudience.com/?partner=214&mapped=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=9ef5ca8c17568aea HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=132dbe81-4ec4-4486-730f-10d65dffbdb4&reqId=ff98a4a1-18ae-48a8-5036-99dfc54acd3c&zcluid=9ef5ca8c17568aea&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN3xm07rfyFD5D_WiIi1ge4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=132dbe81-4ec4-4486-730f-10d65dffbdb4&reqId=ff98a4a1-18ae-48a8-5036-99dfc54acd3c&zcluid=9ef5ca8c17568aea&zdid=1332

565 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
www.bg3.co/a/ 		63 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d955618eccbf6f0cbfb990ff2966d3995da6f4fb1a917920cb13f906643edbd4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 14:54:23 GMT
etag
"fa04-xO+z7VUC2dsdweTeNBixufHC2ZA"
expires
Tue, 31 Oct 2023 14:55:23 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 14:54:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73031
x-xss-protection
0
server
sffe
etag
"aa4f775a8c339659"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 14:54:23 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93870d49d621c8497ff79e8e43190812369c744395be1e8cf58416372b990a3e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 14:54:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9646
x-xss-protection
0
server
sffe
etag
"34199929c7bc09b9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 31 Oct 2023 14:54:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a87e77ec3b3a012b4037ab4168ab0e7ab7ad7a8cdf77798bfb9d882d04e60f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29925
x-xss-protection
0
server
cafe
etag
326 / 19661 / m202310230101 / config-hash: 14732226932962608853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:23 GMT
js
www.googletagmanager.com/gtag/ 		267 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca06fe1ecaf131feeaeec57c84104646f862606cb7c58bbe11dabc4aca9270f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91034
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 14:54:23 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 09:54:32 GMT
server
cloudflare
age
42178
etag
W/"653a3758-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
81ecbba51edd90d6-FRA
expires
Tue, 31 Oct 2023 15:11:25 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
79435c78f5700a51da5339350b2c640153fcb817d0a7d328b5a53dd3f71252c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 31 Oct 2023 14:54:23 GMT
content-encoding
br
age
10933
x-cache
HIT
x-client-device
desktop
content-length
10736
x-ap-device
DESKTOP
last-modified
Tue, 31 Oct 2023 06:59:45 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Tue, 31 Oct 2023 15:54:23 GMT
adpushup.js
cdn.adpushup.com/42753/ 		710 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
cdc8970d14a6af6f4ec3c8ba1c6b0effba47a68076a0728bade3c8fb57ea0e68

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 31 Oct 2023 14:54:23 GMT
content-encoding
br
age
10933
x-cache
HIT
x-client-device
desktop
content-length
149535
x-ap-device
DESKTOP
last-modified
Tue, 31 Oct 2023 10:11:50 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Tue, 31 Oct 2023 15:54:23 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		574 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5ca865f9ccbb860ff0e593eac9b8cb853782fe864c30947b1de87a455af4775

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6b2jOJAJNxrQwzONTzLv4n9w1Oavic1A
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:23 GMT
x-amz-request-id
75B6K5YWV15SGZQX
age
14240
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
55395
x-amz-id-2
+MtMuQLCGRndJbNocNnJmcOH26gV4fifL8ekAKBaIRcGLeM004p4O0d192E50FvMU2IuxANmmgA=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 10:56:57 GMT
server
AmazonS3
x-timer
S1698764064.532743,VS0,VE2
etag
"34621616065d354ebd99e5a6425195e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5365
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1goAPd5pb0TL2I7qoGmSRCaLlOqt01ARAR1c%2BwKWAN35arrfBLlyToj27JmlZcji%2F8ya1nwRUavOeb4T8q01S0HVanZiScgsNzQZN4ElIxquS00gpqt5B9jXe0nJfQpX1aBYvjwwPfI1z5g4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81ecbba97d3e5d81-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
t.php
c.statcounter.com/ 		192 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=97AAFC03A66D4F84EA2B2A2FB91C8899&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&t=%E6%83%B3%E6%8F%90%E5%8D%87%E7%94%B7%E6%80%A7%E9%AD%85%E5%8A%9B%EF%BC%9F%E6%89%BE%E5%92%A9%E8%81%8A%E5%A4%A9%E3%80%81%E8%80%81%E5%90%8C%E5%AD%B8%E6%95%98%E8%88%8A...%E7%9D%BE%E5%9B%BA%E9%85%AE%E7%8B%82%E9%A3%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1985&sc_rum_e_e=2037&sc_rum_f_s=0&sc_rum_f_e=1981&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
81ecbba5ff6b90d6-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20231031-1-RELEASE.js
cdn.taboola.com/libtrc/ 		816 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
be30241d97548b4d0ae8b0fb91e586eb198cb138c9d27458ea4328dd2be0693e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1z8__gjZsw2lnWv02jEYoysVdoYZaDQ5
content-encoding
br
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:23 GMT
x-amz-request-id
8819WNG256X1KZK0
age
21298
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172926
x-amz-id-2
9ErFML6GBYcySxEUOI7fO2CkTEFBKtpXO7/MD7ogwkvBbolhxFFGLQgxIIOurXh+Hl8cZ0+Ys1U=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 08:51:31 GMT
server
AmazonS3-br
x-timer
S1698764064.771207,VS0,VE0
etag
"a6821cf9d48e067f1c1bf39f1a3f8ba7"
vary
Accept-Encoding
content-type
application/javascript
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
75467
b4690b480b451bf4b0769fbc5d35b134.jpg
static.bg3.co/imgs/202106/ 		0
0
5bce03c10680437adb6c019699e6216e.jpg
static.bg3.co/imgs/202106/ 		0
0
7bfad1903450e5d570f3a1ee1f7ea927.jpg
static.bg3.co/imgs/202105/ 		0
0
d3c4d85a866e33aca295c6304a0b1098.jpg
static.bg3.co/imgs/202309/ 		0
0
51fbf36abb40ef2fd9a12a381a5a5d81.jpg
static.bg3.co/imgs/202105/ 		0
0
5df09551d4e6bdb90dfe768ef4687789.jpg
static.bg3.co/imgs/202106/ 		0
0
ea911093a75d9b12fcc5e6275540a3c7.jpg
static.bg3.co/imgs/202105/ 		0
0
79401d002e29cc5104dad08d989537f0.jpg
static.bg3.co/imgs/202309/ 		0
0
7afbc44ea234fea2e126543815919a8d.jpg
static.bg3.co/imgs/202106/ 		0
0
58c54f35beb14898795fe84cd8d0998a.jpg
static.bg3.co/imgs/202105/ 		0
0
7325087fbe0fea2520333356dbc808af.jpg
static.bg3.co/imgs/202309/ 		0
0
3c53a764b4fad74307232fd78eef9fde.jpg
static.bg3.co/imgs/202105/ 		0
0
2d7c8ae313582ee88ef692382e1d2fef.jpg
static.bg3.co/imgs/202105/ 		0
0
1779145f141e134a1d6c84f930a2dc91.jpg
static.bg3.co/imgs/202106/ 		0
0
0d96627f9f9fa072f738109b0b515edb.jpg
static.bg3.co/imgs/202105/ 		0
0
54e377ee13bb445cae0ee70376de061b.jpg
static.bg3.co/imgs/202110/ 		0
0
de603c26b05bebcb407336b4027fc667.jpg
static.bg3.co/imgs/202106/ 		0
0
2c0a716c2c226ad6ad1397295d47329e.jpg
static.bg3.co/imgs/202105/ 		0
0
58debebcd91f06a260d5c9b9e01533ba.jpg
static.bg3.co/imgs/202106/ 		0
0
f85f44f8e05d695c8ae3e793839db024.jpg
static.bg3.co/imgs/202105/ 		0
0
059a40e394768dcd5943c283b87b53bb.jpg
static.bg3.co/imgs/202106/ 		0
0
33808e04789c8b2d47342d359995fbda.jpg
static.bg3.co/imgs/202106/ 		0
0
ef77deaf27f5adadf4320c3c86d6cd85.jpg
static.bg3.co/imgs/202107/ 		0
0
0b8d2d42b484f278190928355561de88.jpg
static.bg3.co/imgs/202106/ 		0
0
8a9866fb8e69b5923872d3feb58b598d.jpg
static.bg3.co/imgs/202105/ 		0
0
8196c340da7ca499a9f763518f4b2c3e.jpg
static.bg3.co/imgs/202105/ 		0
0
a8033bc7a364ed6186779ce66d6e603e.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310111731000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310111731000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Oct 2023 08:11:50 GMT
age
369754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2971
x-xss-protection
0
server
sffe
etag
"d3318576b6061a39"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 26 Oct 2024 08:11:50 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3ap0v9102959953&_p=335915574&gcd=11l1l1l1l1&cid=941611089.1698764064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698764064&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=%E6%83%B3%E6%8F%90%E5%8D%87%E7%94%B7%E6%80%A7%E9%AD%85%E5%8A%9B%EF%BC%9F%E6%89%BE%E5%92%A9%E8%81%8A%E5%A4%A9%E3%80%81%E8%80%81%E5%90%8C%E5%AD%B8%E6%95%98%E8%88%8A...%E7%9D%BE%E5%9B%BA%E9%85%AE%E7%8B%82%E9%A3%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310111731000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310111731000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 24 Oct 2023 18:02:50 GMT
age
593494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3951
x-xss-protection
0
server
sffe
etag
"e11a2f49b1f47e4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Oct 2024 18:02:50 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:57:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
14188
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135211
x-xss-protection
0
server
cafe
etag
17495413759700775962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Oct 2024 10:57:56 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3961859
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230036-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698764064.286985,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 12376
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3525963
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230036-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1698764064.287135,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 600581
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
293491
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		73 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=15%3A54%3A24.255&lti=deflated&data=%7B%22id%22%3A680%2C%22ii%22%3A%22%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698749809947%2C%22vi%22%3A1698764064252%2C%22cv%22%3A%2220231031-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html%22%2C%22vpi%22%3A%22%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3874%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3754.0625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
73e487e250b1fd7d9c2a638a3532f49c96e958845e79c3f0542f77eceeac5427

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
302
date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.883125
x-fastly-to-nlb-rtt
59272
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230065-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1698764064.277738,VS0,VE302
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3035925322168159&correlator=4148016578639179&eid=31079240&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1698764064346&lmt=1698760464&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=941611089.1698764064&ga_sid=1698764064&ga_hid=335915574&ga_fc=true&dlt=1698764063412&idt=901&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e48ad39da56ff092f81a47bb001fa1cbd3c2cd2251bb95d5ef545f6d175f5b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12606
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84FF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:24 GMT
expires
Wed, 30 Oct 2024 14:54:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6480
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNXPb9uVNnldxryNkNtBQjXZ8RqwNjISR0fxoNRcX1ixcMbive0Uilu2TaKul3SukUKulK4W8fZPzeCARxVVBmSbi%2FFwMdxD4wKvTqYYotYE%2BdlKaEI6T%2BLiE5L0IarFnFE5Ri17%2FTt1z0c0YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
81ecbbaa5e125d81-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
179b7e1951da161ed13c7877025515b1691a3b7576df631bccb401368c7be9cb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:24 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4695282212680738&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:24 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
br
age
4058601
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 14:54:24 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
br
age
7026886
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 14:54:24 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
br
age
4058601
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 14:54:24 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg3NjQwNjQ0MjksInBhY2tldElkIjoiMDAwMEE3MDEtMmY1N2RiMTAtMjM5Mi00ZjYyLTgzMjEtNTg5ODUwNmZiNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpYW5nLXRpLXNoZW5nLW5hbi14aW5nLW1laS1saS16aGFvLW1pZS1saWFvLXRpYW4tbGFvLXRvbmcteHVlLXh1LWppdS1nYW8tZ3UtdG9uZy1rdWFuZy1iaWFvLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=2848.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1698764064518
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 30 Oct 2024 14:54:24 GMT
date
Tue, 31 Oct 2023 14:54:24 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
6493740
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
view
securepubads.g.doubleclick.net/pcs/ Frame BCAF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm374Je2eSX6T2PtaDqFVXFbrpoNsPup2OkECIisZYQKzmq2ZZcT3b3Lc_lPALGR2OrH-syEY6GmYbgD6-EUDNX5DLZ5DJE_obMuK8BDpRIRkocUrUsupkOfjTbkZRSHBFJXW4tCxiltWbyb6IHJKlGwirLabmZeqZfjAKQ20aaPtSADSEoI1KukuQ4XOhFA57C2LErjGhwPU9OBcBrzvZwZ2DHrG9BjHx5CKXAEv3Ao8FmBbQLK8gyCA2KBZREg98rmK8ZJHn_RNvrsSjVy6Ri4SZqM2UBijFvwBF-Zl_wWJHBeqQ8jOPnuMiVkW4tAM3zA&sai=AMfl-YSXSCx013jgSmTWSjO8-HSCNrRlBzvjcJOvd80kDcewieMLQNnxEsviS-CSIueGW9ihY79SKEPMGpgU5ailVaRfSG5A7LHJdeXXF6b-gsaHrobRH3BtDjmMFD8pn2QKJPBDey7gbcShSg9UhzGb&sig=Cg0ArKJSzC8SI8Dd-kJdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 14:54:24 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 13:45:26 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651ebdf6-66b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 31 Oct 2023 15:54:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BCAF 		188 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:26 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg3NjQwNjQ1NzEsInBhY2tldElkIjoiMDAwMEE3MDEtMmY1N2RiMTAtMjM5Mi00ZjYyLTgzMjEtNTg5ODUwNmZiNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpYW5nLXRpLXNoZW5nLW5hbi14aW5nLW1laS1saS16aGFvLW1pZS1saWFvLXRpYW4tbGFvLXRvbmcteHVlLXh1LWppdS1nYW8tZ3UtdG9uZy1rdWFuZy1iaWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2989.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg3NjQwNjQ1NzYsInBhY2tldElkIjoiMDAwMEE3MDEtMmY1N2RiMTAtMjM5Mi00ZjYyLTgzMjEtNTg5ODUwNmZiNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpYW5nLXRpLXNoZW5nLW5hbi14aW5nLW1laS1saS16aGFvLW1pZS1saWFvLXRpYW4tbGFvLXRvbmcteHVlLXh1LWppdS1nYW8tZ3UtdG9uZy1rdWFuZy1iaWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2994.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTg3NjQwNjQ1NzksInBhY2tldElkIjoiMDAwMEE3MDEtMmY1N2RiMTAtMjM5Mi00ZjYyLTgzMjEtNTg5ODUwNmZiNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpYW5nLXRpLXNoZW5nLW5hbi14aW5nLW1laS1saS16aGFvLW1pZS1saWFvLXRpYW4tbGFvLXRvbmcteHVlLXh1LWppdS1nYW8tZ3UtdG9uZy1rdWFuZy1iaWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2997.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3035925322168159&correlator=2730501871817633&eid=31079240&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&arp=1&abxe=1&dt=1698764064585&lmt=1698760464&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=941611089.1698764064&ga_sid=1698764064&ga_hid=335915574&ga_fc=true&dlt=1698764063412&idt=901&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_7_0_pv%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4551fcd9dadcc112744127c0bb2d260add603b57093cfb2f30e29852f3c57b87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16039
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449155092
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 18:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
74256
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
server
cafe
etag
13787945745808829369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Oct 2024 18:16:48 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTg3NjQwNjQ1NzEsInBhY2tldElkIjoiMDAwMEE3MDEtMmY1N2RiMTAtMjM5Mi00ZjYyLTgzMjEtNTg5ODUwNmZiNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpYW5nLXRpLXNoZW5nLW5hbi14aW5nLW1laS1saS16aGFvLW1pZS1saWFvLXRpYW4tbGFvLXRvbmcteHVlLXh1LWppdS1nYW8tZ3UtdG9uZy1rdWFuZy1iaWFvLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3011
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 07 Nov 2023 14:54:24 GMT
floating-unit.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf42e132308db4daf29fc5d8af08e4bef27adc3cab3082d8cc3ded5908fd3924

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gB7WciXSxMgAeurNg1XZmpv7TsUlLwAU
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
BDW7V62F8MZDB3CM
age
17808
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2493
x-amz-id-2
bremx9TxUIITO2nLpdo0XFirJD86JyqsbiNk6Mg+JIqjtCmFenRnLqTwUlL2wBJeBOZGxe6VhNE=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:36 GMT
server
AmazonS3
x-timer
S1698764065.654326,VS0,VE0
etag
"4024c2620f033047985e636b1f7a3473"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4446
taboola-vignette-new-scanning.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d97ed55854b9ba2188b903f4784395c01e93f77ae489172e8fe6e1be4ad61e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hqBJWBIq42ZE2LAETYTLyPgFK6OCVvib
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
790XWXW3A9KC9X71
age
17829
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
TCswqioN4ZASQu2LB7GW3GWP1UCelWj5XHnDrPCheEraOW2WAfZbDoJYLFB0waLB9VOmrRz/2jM=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:16 GMT
server
AmazonS3
x-timer
S1698764065.656251,VS0,VE0
etag
"5408b44fea4dfec6e4712f097120d4d7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3632
distance-from-article.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2216d34c7dcc4c1ae0ca523ef5c72e2588979ca3088f78f649be0d5288da27f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xVoR1HYQobzeweHZTT5X.cmxNeg2pvQs
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
320Z89Q3VGZBW23B
age
17797
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
sciWjGttaaR098M474GXxAUYGtVz99UxtnyxxuHIdAVgxxHfQfA10spZm/yDxT84RSyEEFuYQY4=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:47 GMT
server
AmazonS3
x-timer
S1698764065.690381,VS0,VE0
etag
"33c1a522b44779d2fe075f20ad15fe4d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
8
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
51497
article-detection.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5b31d69948ec82644877bfedd33b1da2f216e9cbeb1cca98beb2d166ff2fda9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pf5GMMMcNNeuIRmLC49DvBW_TERIrHo8
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
HYN9ZE220968076S
age
17789
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1290
x-amz-id-2
2WuwwONQLQAmXcjy5Ntzvt97YoXgRtOFY+y6wgQsAAPP1C/r4HRLaFRtYtZORa4xQQQXi+q10bA=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:55 GMT
server
AmazonS3
x-timer
S1698764065.691402,VS0,VE0
etag
"59d28eee11c0f393feb0dc852e20c0c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
35
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
51453
article-and-feed-area-scanner.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e7db974c241558a99427dd9f07298013201747cd0b96a95d1fb166eb22f576d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNdetThjg3R9YfulSklaQVLGRtB5YGHn
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
XPVBZDHQ1J0FECV0
age
17788
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1146
x-amz-id-2
xsHJX+hbA5BZrNSU81EM/sJkvV/ksO7jp9n5PBx/98jdtovaGcp9EQF5sLI0VUdse2hXtwPm0q0=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:56 GMT
server
AmazonS3
x-timer
S1698764065.691596,VS0,VE0
etag
"cba5b0c9b49929e69813cbbd09a4afc0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
16945
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.3/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b78162f8769a076a8a1b6410a6cbff12c3b09919848817de4d8d89e9fc34fd5

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 0c249abd36bc8d7e9154dd60b0cf8244.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MAA51-C1
age
20436
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34965
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Tue, 31 Oct 2023 09:12:39 GMT
server
AmazonS3
x-timer
S1698764065.753288,VS0,VE0
etag
"0503214c6184856a0b13f502bcc057a6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
4oygbkeban_qYoUl6bCDpMrEy4Bg8XZ0_Jrfs8JaoGw-ufP7029nTQ==
x-cache-hits
5979
feed-card-placeholder.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53822990c924d204a15e37673d6c36b4589c9a412a83d879ef2a9124b0ae16cc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0XmJuPcWDTZLM151Q6J.GGnYqSx2Qg18
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
F5NF1PHBAH01146E
age
17803
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
yi22DLHCeqLGheloaFrC5UtSbKUmWJFJucpNDNigmG3wxoL8Gp5A3SL/H39UhVsy7bkJaHHVFzk=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:41 GMT
server
AmazonS3
x-timer
S1698764065.695246,VS0,VE0
etag
"79f49473ac2a3b66b42e318f1ee07933"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
85
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
47130
userx.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2ee87eebf29ad69e63d734eff3bfcf2a8fd1a4472e1b25b62981c8f5386c53f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lk8VVs9Em2tTftNPFX4tf6m5B2ESntge
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
6GJ5NR21DXF2Q7V0
age
17832
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
z7LgPRlB9ydrQwBkegrxk3jchpremA6gDhsVKpvtoKO4g1L/yeIKPxaRgrx4qHevFxEZq87QYdM=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:13 GMT
server
AmazonS3
x-timer
S1698764065.701206,VS0,VE0
etag
"957c3ab232c38cd96af72268df6cbe5b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13694
explore-more.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19357ba4599338efef8275b32f7810565385f2aeabdb8a98fe7ee2c2576cbbb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rlVTbSvfYmcs3.wA0njkvKsGuGZfTHfN
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
EDJ695HVSV4ASSNM
age
17801
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
98unUBfvE818+eFYIPUjWNmB61Mra4LPW7phnvFF5rShtCWNu+w/1KRIro80k26c88PvMc2oaw0=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:43 GMT
server
AmazonS3
x-timer
S1698764065.718167,VS0,VE0
etag
"9ceed42d20baa82cdb1133086d6dc129"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22157
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=15%3A54%3A24.641&id=7323&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1698764064642%7D&tim=15%3A54%3A24.643&id=698&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
track.adform.net/adfserve/
Redirect Chain
  • https://track.adform.net/adfserve/?bn=68607215;1x1inv=1;srctype=3;ord=
  • https://track.adform.net/adfserve/?CC=1&bn=68607215;1x1inv=1;srctype=3;ord=
35 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/adfserve/?CC=1&bn=68607215;1x1inv=1;srctype=3;ord=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/adfserve/?CC=1&bn=68607215;1x1inv=1;srctype=3;ord=
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698764064663%7D&tim=15%3A54%3A24.664&id=2687&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
track.adform.net/adfserve/
Redirect Chain
  • https://track.adform.net/adfserve/?bn=68607217;1x1inv=1;srctype=3;ord=[timestamp]
  • https://track.adform.net/adfserve/?CC=1&bn=68607217;1x1inv=1;srctype=3;ord=[timestamp]
35 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/adfserve/?CC=1&bn=68607217;1x1inv=1;srctype=3;ord=[timestamp]
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/adfserve/?CC=1&bn=68607217;1x1inv=1;srctype=3;ord=[timestamp]
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A54%3A24.703&id=1205&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A54%3A24.706&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2544&cv=20231031-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70363
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A54%3A24.733&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6159&cv=20231031-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70363
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A54%3A24.737&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=8392&cv=20231031-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70363
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A54%3A24.738&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7265&cv=20231031-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70353
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A54%3A24.742&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5502&cv=20231031-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70353
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
69
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1698764065.758914,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
67
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
104
556587337b958cc2d8ee19d93e12cfab.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_836%2Cx_218%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_836%2Cx_218%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f485f11880adf3bcb0bd5025e93a41363914c293f82917983d75e6daa7819432

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_836%2Cx_218%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
age
2159409
edge-cache-tag
571093611448702855819003728936478579448,569555699278174966562324432832402117191,29ecf9b93bbf306179626feeda1fab70
cache-tag
571093611448702855819003728936478579448,569555699278174966562324432832402117191,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
123
req-referer
https://food.walla.co.il/
content-length
34758
x-request-id
ec95cb838e8190016324b888f01d023c
x-backend-name
US_nlb102
x-served-by
cache-iad-kiad7000095-IAD, cache-iad-kjyo7100121-IAD, cache-iad-kcgs7200167-IAD, cache-fra-eddf8230065-FRA
last-modified
Fri, 06 Oct 2023 15:04:05 GMT
server
nginx
surrogate-reporting
width=836,height=627,bytes=55175,owidth=1200,oheight=627,obytes=878284
x-timer
S1698764065.809411,VS0,VE1
etag
"8aa92ab5e735c31af9fad865586ab0fa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 1
556587337b958cc2d8ee19d93e12cfab.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1200%2Cx_0%2Cy_14/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1200%2Cx_0%2Cy_14/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a9fc2af3b136e2e19f34559b99ef072c2cd8f225da94fc4941a0fc2e0f7111b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1200%2Cx_0%2Cy_14/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
age
1196591
edge-cache-tag
571093611448702855819003728936478579448,320250389758016356541734899280850199043,29ecf9b93bbf306179626feeda1fab70
cache-tag
571093611448702855819003728936478579448,320250389758016356541734899280850199043,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
566
req-referer
https://ads.taboola.com/
content-length
39890
x-request-id
7c528c426a81ebc2c6ba087518b24142
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000026-IAD, cache-iad-kjyo7100064-IAD, cache-iad-kiad7000089-IAD, cache-fra-eddf8230065-FRA
last-modified
Fri, 06 Oct 2023 15:04:05 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=65878,owidth=1200,oheight=627,obytes=878284
x-timer
S1698764065.808791,VS0,VE1
etag
"a1821bbadff0d9aa0c7ca3933284b008"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
2461514
edge-cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
113
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tvmovie.de/
content-length
10060
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000160-IAD, cache-iad-kiad7000147-IAD, cache-iad-kcgs7200057-IAD, cache-fra-eddf8230065-FRA
last-modified
Tue, 01 Aug 2023 05:55:16 GMT
server
nginx
x-timer
S1698764065.839284,VS0,VE0
etag
"d5f7a809c5582096c3cb0ce65205e40b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1083, 3
07dc2ca6c213ededa6e841d37d705337.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07dc2ca6c213ededa6e841d37d705337.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a80bee4581430d3aacce9439e57e78ac2172de6b98d4bf097dc6f0c6e61787ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07dc2ca6c213ededa6e841d37d705337.png
age
367914
edge-cache-tag
420473731004065382862962842851473737520,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
420473731004065382862962842851473737520,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
457
req-referer
https://www.freenet.de/
content-length
8774
x-request-id
c769fecdf6912f73857b2dc3190743f8
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100073-IAD, cache-iad-kcgs7200027-IAD, cache-lax-kwhp1940102-LAX, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230065-FRA
last-modified
Thu, 26 Oct 2023 15:59:55 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=15495,owidth=1200,oheight=800,obytes=1028888
x-timer
S1698764065.842503,VS0,VE1
etag
"af7979d1c878e7c4e41b78c0b5cf4ef3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
417e5ea51c1f49009f541bbdfeaa66fc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/417e5ea51c1f49009f541bbdfeaa66fc.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
56b2dbb7c2afde1b2aad1a71fedfa0dfcb9ec542de73e8859cee0a8a237d3d6c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/417e5ea51c1f49009f541bbdfeaa66fc.png
age
1196749
edge-cache-tag
312134382581287876598859566865354033279,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
312134382581287876598859566865354033279,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
308
req-referer
https://sports.walla.co.il/
content-length
17032
x-request-id
61d97148655620ba6e8743b7b3fd58ae
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100106-IAD, cache-iad-kiad7000127-IAD, cache-sna10733-LGB, cache-iad-kcgs7200043-IAD, cache-fra-eddf8230065-FRA
last-modified
Fri, 06 Oct 2023 15:01:33 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=46784,owidth=1200,oheight=627,obytes=599989
x-timer
S1698764065.867932,VS0,VE1
etag
"ecb9eb0da4a626f19dd8d744667c596a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 0, 1
86574f591fba8b39df23e108d283f3eb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0229b8f7cef98381e5f09831075229b0d2a1345e745a52ea7647af903df4c77a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/86574f591fba8b39df23e108d283f3eb.png
age
6774197
edge-cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
412083265689155651703582395471601615704,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
162
expiration
expiry-date="Mon, 04 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.welingelichtekringen.nl/
content-length
15838
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100026-IAD, cache-iad-kiad7000111-IAD, cache-iad-kiad7000026-IAD, cache-fra-eddf8230065-FRA
last-modified
Fri, 04 Aug 2023 13:06:08 GMT
server
nginx
x-timer
S1698764065.870705,VS0,VE0
etag
"31b3e1f176fa992927126e5c2f0323fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3365, 2
43070a1e5ab7686fbead44200a6528f5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43070a1e5ab7686fbead44200a6528f5.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cdca4dd1b18840912f67f332e5fb77b74ac2e6895e26a8ac2b654a8860e6a965

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43070a1e5ab7686fbead44200a6528f5.png
age
446139
edge-cache-tag
384792350942377975241828705777100123573,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
384792350942377975241828705777100123573,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
98
req-referer
https://lankacnews.com/
content-length
9422
x-request-id
216dc36e4ccc15fbe024a4951532bb92
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000125-IAD, cache-iad-kjyo7100036-IAD, cache-lax-kwhp1940107-LAX, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230065-FRA
last-modified
Thu, 26 Oct 2023 10:58:47 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=50587,owidth=1000,oheight=600,obytes=853223
x-timer
S1698764065.899208,VS0,VE0
etag
"1f26141cbe4c96da6bed78351420fe22"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 2
556587337b958cc2d8ee19d93e12cfab.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a369fda3e1c07ddcdf6e095e9beee003a6746dd87b9aad098d1fcca7499b77f3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
age
1198571
edge-cache-tag
571093611448702855819003728936478579448,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
571093611448702855819003728936478579448,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
353
req-referer
https://www.9tv.co.il/
content-length
34186
x-request-id
2cf082cb1217291e0423370943c24866
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100166-IAD, cache-iad-kjyo7100093-IAD, cache-lga21977-LGA, cache-iad-kjyo7100078-IAD, cache-fra-eddf8230065-FRA
last-modified
Fri, 06 Oct 2023 15:04:05 GMT
server
nginx
surrogate-reporting
width=1128,height=627,bytes=61064,owidth=1200,oheight=627,obytes=878284
x-timer
S1698764065.899332,VS0,VE1
etag
"3d440aa16be4ebbbbfa1e9cdb4a82381"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 5, 1, 0, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
2465355
edge-cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
269
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.desired.de/
content-length
29394
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230065-FRA
last-modified
Tue, 01 Aug 2023 07:44:45 GMT
server
nginx
x-timer
S1698764065.933696,VS0,VE2
etag
"a8139c2d2ea8fa23ad77f4b509ad1b5b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 72, 1
417e5ea51c1f49009f541bbdfeaa66fc.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/417e5ea51c1f49009f541bbdfeaa66fc.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a7af48d2ba500b47a74510b60e7de2393049cab03c78d380573f25d99161bc2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/417e5ea51c1f49009f541bbdfeaa66fc.png
age
2159568
edge-cache-tag
312134382581287876598859566865354033279,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
312134382581287876598859566865354033279,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
256
req-referer
https://gameofglam.com/
content-length
18964
x-request-id
7ab731d23c265d32b21fb0ec53b0e10f
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200051-IAD, cache-iad-kjyo7100124-IAD, cache-ewr18156-EWR, cache-iad-kcgs7200144-IAD, cache-fra-eddf8230065-FRA
last-modified
Fri, 06 Oct 2023 15:01:33 GMT
server
nginx
surrogate-reporting
width=1128,height=627,bytes=48172,owidth=1200,oheight=627,obytes=599989
x-timer
S1698764065.933617,VS0,VE0
etag
"19f6178a71b10554d519c8499e57abcb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 8, 0, 0, 2
07dc2ca6c213ededa6e841d37d705337.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07dc2ca6c213ededa6e841d37d705337.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
431919aa163afc4f5007d7f57f63c1169c466fc6877ba80b0dba40f2eb9c8c2c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07dc2ca6c213ededa6e841d37d705337.png
age
426189
edge-cache-tag
420473731004065382862962842851473737520,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
420473731004065382862962842851473737520,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
209
req-referer
https://www.tag24.de/
content-length
31418
x-request-id
4b1d5b65ad5639fcf0aa8d7039412a92
x-backend-name
US_nlb102
x-served-by
cache-iad-kcgs7200128-IAD, cache-iad-kiad7000089-IAD, cache-iad-kiad7000031-IAD, cache-fra-eddf8230065-FRA
last-modified
Thu, 26 Oct 2023 15:59:55 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=61369,owidth=1200,oheight=800,obytes=1028888
x-timer
S1698764065.965053,VS0,VE1
etag
"90625b2cf60f81b149091c195455d509"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231031
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a91da912b7d55b674d7e51169624fba807e89df16c07fcd62ef55544abf77c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39208
x-jsd-version
1.0.1859
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230057-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-4Riadzkv+h1VXHbM78JubGR5oDI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oZipwef78IX2%2FphUv00HUl1JhtYEf7cV8zNBGVMt5LQFAV8VhAxtYs4NvIFKPH8r%2FY%2Fzy581%2F3G0N%2FetatNEx7HeEZbwPzQwqZXdXCQR%2FwAX1EkJstsVDc9tDJ38RFT9s5SDkdyO5yKkZ0ElGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81ecbbad68ea9c0d-FRA
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=35775762555&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 31 Oct 2023 14:54:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		34 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f7a397b5050ce15faf422776536b460ce298364935ebc77a8d488f7b3107d92b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
an-x-request-uuid
b9f434c0-7e89-4f06-bdfc-9ad17e25e112
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.81.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-81-68.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
accept-ch
user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adreq
ads.servenobid.com/ 		592 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=1785
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0d7ca87f6e389a371dbcd1dd579bbdfe40bcc54e157c2f3aecde2722662bc5dd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Oct 2023 14:54:25 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.26.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-26-2.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
9
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
255d064cf8686e4154dac32e6f6ba8143ec1ed434e203bdf341bc64ccee2f482

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIwdf2MSmqKnEUh5%2Bn4NY4OnC4CfSjcIp79J38uGk2NZ1IKx9noHphoq9BYCqvlRQ3vEQWLssGOM6muY7DNGUz%2BLnGNxSiBZCkKFWccWf%2FhJdiNYWqTIk7vhOgFVbMCWfRz5TdmK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ecbbadcc154d94-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956101386f1e4f7c766aab85f2582fd4bc1761a2c66e426bfc847cd4d29dd137

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpM9yakNWOKHPOqAgfVRvjdCkwovt0Ic2x2tMOcF6aw0CaZ1qkhWy%2BTQu0FtmrAXB9XmDTh2m5s6BDrSXPDB4905aP48o4qabyraeJSBj6Qgofy5jDRKoDP0440O5HI6SDESgTZN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ecbbadcc174d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956101386f1e4f7c766aab85f2582fd4bc1761a2c66e426bfc847cd4d29dd137

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYN25%2BCQZY9rzBL3YZFYagEBPkIVLHtPV%2Fnxdjf5YyiMIWVBHuyECRpq7WIrYeJ3MrYX3JQmE7l8jiwrnq43b36sDJCZWsul1HVz78FSW996gGklwb1JSmYqlDOVLuK5gH5M1gkI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ecbbadcc124d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
a5842f0012f62a7afb70927bad232eb7038549e7e2fb2b8efeff9f3af4bc5d7c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 14:54:24 GMT
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81ecbbaddb8e9bb2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81ecbbaddb919bb2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 31 Oct 2023 14:54:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
server
envoy
vary
origin, Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
fef1165b124fd1d0a4374137f7e1def786829e48dcc580b6e90e2cc364a08258

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 31 Oct 2023 14:54:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
504327d812a644280bb0e65ce52a752b6f04baa8de92778a8acfa23a96aa597b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=6a9454b4-fd18-4756-98a3-7508aff95eb3%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%83%B3%E6%8F%90%E5%8D%87%E7%94%B7%E6%80%A7%E9%AD%85%E5%8A%9B%EF%BC%9F%E6%89%BE%E5%92%A9%E8%81%8A%E5%A4%A9%E3%80%81%E8%80%81%E5%90%8C%E5%AD%B8%E6%95%98%E8%88%8A...%E7%9D%BE%E5%9B%BA%E9%85%AE%E7%8B%82%E9%A3%86&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=f2943337-ffec-4426-8b7e-3cc3aa2ee378%3Ba2282e02-d3b1-4723-8d26-193d98141fcb&l_pb_bid_id=7003b7cd017f1b%3B71ae0747d39af36&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f2943337-ffec-4426-8b7e-3cc3aa2ee378%3Ba2282e02-d3b1-4723-8d26-193d98141fcb&rp_maxbids=1&slots=2&rand=0.0912533278352261
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2184ab8caeec4854f105785f0bbf7ca0c91d0ce66b9c8324fedad90c872ca22c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.72.190.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-190-56.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bef3b38bc159405848cea8b379aa0be149b31321a55a59e434d85c5f4c5c4fb2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 31 Oct 2023 14:54:25 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
next-up-widget.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79800f3b00da5826f662b804105879cd9a8013f90a89d825e6675c0a9abdfa8e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nQ8Mnu27GlOP2a7CUIFCeVlBOn1sodKd
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
HTN631S5KJY1SM1D
age
17811
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
2ZZHXmVgamu+Z24IhOdrzIITx/JaaUKhQFlroqtYlGIKSciMcCAhm7ziEIvsNWDI/1EUdY4tTPU=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:32 GMT
server
AmazonS3
x-timer
S1698764065.893969,VS0,VE0
etag
"4bc27c456e0d1f594a8c90f73c6708a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4316
impress
ad.vidverto.io/delivery/ 		56 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&referrer=&async=1&uid=5598114363&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e07f6815d25792da1b4b3cd8a7d1b0705a2fbdf120d615f0b80c90a152d30fc2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 31 Oct 2023 14:54:24 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:48:19 GMT
via
1.1 b0311c7e530c126dd286898583b59e4c.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
2D3anI_n7OzXDrYa-3r3n2G5KFKu7wmUYjQpH2mgKCDGK2DDYVJiLg==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6D7C 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c75025cc0d5b1810cdabbaea50b98c01ea6cab7d8578ae3def95c4b6116f512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10062
x-xss-protection
0
server
cafe
etag
14442513850217767837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:25 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6DB6 		714 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
7568
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
81ecbbadacea5b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 31 Oct 2023 14:54:24 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I%2FzrCvrHpYQMhCBrJOhMaz0kNBBWRueCdlRTtq1BABwh3byYKgImBW%2FKSfCvr%2FOcpHn%2BTgFTfoiSxPB%2B8FYcI34vkowexBkG8h0LC7tLkwPRXMSVaC9yP3bpxSiOFWmsJPTeiotngucKgy9Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7218
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Oct 2023 14:54:25 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 31 Oct 2023 14:54:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Tue, 31 Oct 2023 14:54:25 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1492%7D%22%2C%22eventTime%22%3A1698764064901%7D&tim=15%3A54%3A24.901&id=1513&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.0625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A54%3A24.924&id=7251&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=15%3A54%3A24.933&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6731&cv=20231031-1-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70353
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:53:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 14:54:25 GMT
spa-detector.20231031-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231031-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fe2e6ad5eed2376cb95ece090319a59757d866056ea4ccba0379125e3548a0c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Pffo2hXzvypDt2Au4UMY6gKL50ptJbAD
content-encoding
gzip
via
1.1 varnish
date
Tue, 31 Oct 2023 14:54:24 GMT
x-amz-request-id
G7989T4YPEJ3SVJN
age
17820
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
777
x-amz-id-2
ZzOuD6/F5yY3C0kvkz6QwzoEbUVwXliBj0hs8hxYaf6W6SRteTr/cT9pDcjkuldLpv+C1bl3DCo=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 31 Oct 2023 09:57:25 GMT
server
AmazonS3
x-timer
S1698764065.956066,VS0,VE0
etag
"390e81cf514f9fa4daeeaed87073757e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
32
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22906
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A54%3A24.934&id=2225&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1698764064939%7D&tim=15%3A54%3A24.939&id=8666&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A54%3A24.941&id=3033&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=10143&tvi50=12238&lti=deflated&ri=fb4d4464b1ca4ff3b20b539a9a00df97&sd=v2_90e0f1320afd58808c5f36e5ad3e650f_7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0_1698764064_1698764064_CNawjgYQ2YJdGPyL6rG4MSABKAEwKziy0A1AzYgQSPGg3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0&pi=/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&wi=-5712192277976037390&pt=text&vi=1698764064252&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1698764064942%7D&tim=15%3A54%3A24.942&id=7064&llvl=2&cv=20231031-1-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6DB6 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55d4cf75157fb705cc72e03673dddac908a23428acaa85d6e3357a48bd036d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29852
x-xss-protection
0
server
cafe
etag
779 / 19661 / 31079180 / config-hash: 14732226932962608853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:25 GMT
/
track.adform.net/adfserve/ 		35 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/adfserve/?bn=68607215;1x1inv=1;srctype=3;ord=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
css2
fonts.googleapis.com/ Frame 0F10 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:47:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 14:54:25 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 0F10 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
69132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8600
x-xss-protection
0
server
cafe
etag
14061149270319446037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:42:13 GMT
/
onetag-sys.com/usync/ Frame B843 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127418
x-xss-protection
0
expires
Tue, 31 Oct 2023 14:54:25 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 31 Oct 2023 15:54:25 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 31 Oct 2023 15:54:25 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=a65ffb5a049947f9d2bf5b61acfcf769
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 15:16:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65368e64-16141"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 31 Oct 2023 15:54:25 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		132 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c697a9aaf58af71e6fc5bac290d6b036d189d672ee6f5c5f1c3404ca83f57be7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-20f54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 31 Oct 2023 15:54:25 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 31 Oct 2023 15:54:25 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=c0ecd9ed-b270-41a5-8fd9-076e26c977a5&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=c0ecd9ed-b270-41a5-8fd9-076e26c977a5&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=c0ecd9ed-b270-41a5-8fd9-076e26c977a5&p_id=23
date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=85136c70-477c-470d-8197-ff16ffd78f18&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=85136c70-477c-470d-8197-ff16ffd78f18&gdpr=0&gdpr_consent=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-IY2hAKtCQrZO7B5GJ7L-_xeUIV3R-uEJxUR-0w&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-148.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&p_id=15
date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Tue, 07 Nov 2023 14:54:25 GMT
556587337b958cc2d8ee19d93e12cfab.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_752%2Cx_224%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_752%2Cx_224%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6df70a849c4a12e556e5aec07b3b843f61b25f07bb04bf0f2504c1de2ea015a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 31 Oct 2023 14:54:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.2%2Cw_752%2Cx_224%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/556587337b958cc2d8ee19d93e12cfab.png
age
2159400
edge-cache-tag
571093611448702855819003728936478579448,431484070463440938707379548412027809611,29ecf9b93bbf306179626feeda1fab70
cache-tag
571093611448702855819003728936478579448,431484070463440938707379548412027809611,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
561
req-referer
https://ads.taboola.com/
content-length
31376
x-request-id
8178d2af3518addfb778cd2e0876c3dd
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000096-IAD, cache-iad-kjyo7100100-IAD, cache-iad-kjyo7100100-IAD, cache-fra-eddf8230065-FRA
last-modified
Fri, 06 Oct 2023 15:04:05 GMT
server
nginx
surrogate-reporting
width=752,height=627,bytes=49625,owidth=1200,oheight=627,obytes=878284
x-timer
S1698764065.052126,VS0,VE2
etag
"8012c1ed286ea18a11fdd09e3851c98d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 31 Oct 2023 14:54:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
4047126
edge-cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
92
req-referer
https://sportpirate.com/
content-length
3584
x-request-id
725be485230b85344a5c00a70f5b6983
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000157-IAD, cache-iad-kcgs7200132-IAD, cache-sna10732-LGB, cache-iad-kcgs7200147-IAD, cache-fra-eddf8230065-FRA
last-modified
Tue, 15 Aug 2023 21:13:47 GMT
server
nginx
x-timer
S1698764065.052428,VS0,VE0
etag
"e5c6d9c0f2aada11bf284ce428581f10"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 74, 3
07dc2ca6c213ededa6e841d37d705337.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07dc2ca6c213ededa6e841d37d705337.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8268330cae734d0a85d5fbaf4f799038853da356f3cf062fb643b848ff1787b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 31 Oct 2023 14:54:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/07dc2ca6c213ededa6e841d37d705337.png
age
367391
edge-cache-tag
420473731004065382862962842851473737520,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
420473731004065382862962842851473737520,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
339
req-referer
https://wanderfreude.eu/
content-length
3674
x-request-id
33ef6b3895055718df60f7759b8a79d7
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100100-IAD, cache-iad-kcgs7200102-IAD, cache-lax-kwhp1940066-LAX, cache-iad-kjyo7100118-IAD, cache-fra-eddf8230065-FRA
last-modified
Thu, 26 Oct 2023 15:59:55 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=5674,owidth=1200,oheight=800,obytes=1028888
x-timer
S1698764065.052765,VS0,VE2
etag
"abfba2040016cfd4b7b7178bcada24eb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
a1550967.js
js.genieessp.com/t/550/967/ Frame 1A62 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/550/967/a1550967.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.16 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p016.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
128161533312fa79a057e50dfaf61f7ab9b2d44c4be01fb22d125b1b2e3c23d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:08:17 GMT
server
nginx
etag
W/"65016df1-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Tue, 31 Oct 2023 15:09:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A62 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6D7C 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a6c848d45a865f0a39d9b08c6f7b2e1b870d4edbf1955b67a78cda5ec6bc55a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51586
x-xss-protection
0
server
cafe
etag
10741155922731577899
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:25 GMT
pixel;r=503188766;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html;uh=e51ed67dfb8d91dc24b1...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=503188766;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1207789840-1698764064882;pbc=6a9454b4-fd18-4756-98a3-7508aff95eb3;ns=0;ce=1;qjs=1;qv=d48babbb-20231018122215;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1698764065109;tzo=-60;ogl=;ses=0ec9ac14-7a19-4a88-8399-ba378e5da918;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ Frame 6DB6 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 12:53:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
7227
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134989
x-xss-protection
0
server
cafe
etag
2612702921649259081
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Oct 2024 12:53:58 GMT
usync.js
eus.rubiconproject.com/ Frame 7218 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9707d6e62a22e990a7f0c39c793fba66c4cb0f017f51103851dab68ea94b7d2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 06:39:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56738
Connection
keep-alive
Content-Length
11053
Expires
Wed, 01 Nov 2023 06:40:03 GMT
st
imprammp.taboola.com/ Frame EA44 		422 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&cmcv=&pix=undefined&cb=1698764065265&uv=3351&tms=1698764065265&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1f533941-5c70-46b6-b2d8-9196c476c9ec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5249da1260da099cdc4e8e2b811d4c0cd740f47d662dd90ff2106e86f0e2c6f4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 31 Oct 2023 14:54:25 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230065-FRA
x-timer
S1698764065.286010,VS0,VE72
sync
am-match.taboola.com/ Frame F4C9 		577 B
672 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4f4ac785e6eea82163d9c1a34c24f5b2f671e0620e8aa30eb7b478a3ad559c55

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 31 Oct 2023 14:54:25 GMT
machineid
3402
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698764065287&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1564&pt=-1602154770&tz=60&viewable=true&ddast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vD!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ccdbf5cfe041882c25b7d948da3608cf2f39d4d2a1c9d66eacf2e2029e427919

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1463
x-cache
MISS
x-served-by
cache-fra-eddf8230065-FRA
pragma
no-cache
server
nginx
x-timer
S1698764065.313664,VS0,VE33
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&cmcv=&pix=31589837&cb=1698764065265&uv=3351&tms=1698764065265&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1698764061582!ts:1698764065265&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-length
0
server
nginx
khaos.json
token.rubiconproject.com/ Frame 7218 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ Frame 6D7C 		396 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_fy2021.js?bust=31079177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33835e01945326ec06398086fa8580c6045acdf38f8aa21bad8c790282d63ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137498
x-xss-protection
0
server
cafe
etag
8789845190507177199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame B1A4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
46704
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 01:56:01 GMT
etag
4569948109300706969
expires
Tue, 14 Nov 2023 01:56:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 31 Oct 2023 14:54:25 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
prebid-request
onetag-sys.com/ 		15 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_1/infra/ 		813 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8b5dcce5ae52a240d5e98a77a9825119634ec2edb925d279af19908b0371da47

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698126162
date
Tue, 31 Oct 2023 14:54:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
2WEB5HRFKWNGVG4H
age
637597
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698126163
x-amz-meta-mode
33188
content-length
134828
x-amz-id-2
ygRKTSuI30xjbVGQYgC6HPs4F4QQmo0E4dMLgNCxXPBpCxTi+7An+0J9x200fYOXsd7ZnxbmQb8=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Tue, 24 Oct 2023 05:42:44 GMT
server
AmazonS3-br
x-timer
S1698764066.506538,VS0,VE0
etag
"649ccbcf74339543c3d3a922074eb580"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
335005
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_1/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698126181
date
Tue, 31 Oct 2023 14:54:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
DE47W2ZKZKPS5M4W
age
637597
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698126181
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
1jkbc4sVUK5Jfq19URpsqgkSm7yM+pac41seZBKIu3TAfASADbX+2rw/FXF+zKHw+RVUQiMhKts=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Tue, 24 Oct 2023 05:43:02 GMT
server
AmazonS3-br
x-timer
S1698764066.508775,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
39853
generic
match.adsrvr.org/track/cmf/ Frame EA44 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&cmcv=&pix=undefined&cb=1698764065265&uv=3351&tms=1698764065265&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1f533941-5c70-46b6-b2d8-9196c476c9ec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0
pr-bh.ybp.yahoo.com/sync/taboola/ Frame EA44 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&cmcv=&pix=undefined&cb=1698764065265&uv=3351&tms=1698764065265&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1f533941-5c70-46b6-b2d8-9196c476c9ec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:b6d5:6b91:e46f:a747 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame EA44 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&cmcv=&pix=undefined&cb=1698764065265&uv=3351&tms=1698764065265&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=1f533941-5c70-46b6-b2d8-9196c476c9ec&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.103.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-103-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 7218
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LOEG9HJE-1C-LMHU
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LOEG9HJE-1C-LMHU
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Tue, 31 Oct 2023 14:54:26 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ Frame 6DB6 		492 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1669287961926291&correlator=2121239936077738&eid=31079304%2C31079180%2C21065725&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1698764065524&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=6zljvbpyqmo4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qP5cT44wSgi_5-rwFR7yuPMC9PW1r9pdZLbW6BaE-RPuX8FiSSWXvLx-OtPJZjDvbNjxDmHUNKRE09qgGmUf8Ll8psB2OhNbEyJg2Lit33Ukws6zk5UgJnsi3b7IiaB4uMKbWT05K4xtnofMZjPMDRSKsVgg78J39Pr443APgsTIu0gOG8yHHERIckXGeYZV3hA-pbXv94&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1298620745.1698764066&ga_sid=1698764066&ga_hid=2127083569&ga_fc=false&dlt=1698764064965&idt=378&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9383956d5154cc027fadd2e20f551d827afed83f3211fb7aaa7051be7bab62ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6DB6 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ff73b4711e890f88f94eaaf26b50889dafbdfd7d13b0e529a8f6fe6fda6e008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12200
x-xss-protection
0
container.html
17e731cbde43e73ebd1ddb84bea4691d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D97 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17e731cbde43e73ebd1ddb84bea4691d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:25 GMT
expires
Wed, 30 Oct 2024 14:54:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame F4C9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0
pr-bh.ybp.yahoo.com/sync/taboola/ Frame F4C9 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:b6d5:6b91:e46f:a747 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame DA11 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Oct 2023 14:54:25 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:33b0:541:cb9a:ca14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EveGlhbmctdGktc2hlbmctbmFuLXhpbmctbWVpLWxpLXpoYW8tbWllLWxpYW8tdGlhbi1sYW8tdG9uZy14dWUteHUtaml1LWdhby1ndS10b25nLWt1YW5nLWJpYW8uaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGlhbmctdGktc2hlbmctbmFuLXhpbmctbWVpLWxpLXpoYW8tbWllLWxpYW8tdGlhbi1sYW8tdG9uZy14dWUteHUtaml1LWdhby1ndS10b25nLWt1YW5nLWJpYW8uaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 30 Oct 2024 14:54:25 GMT
date
Tue, 31 Oct 2023 14:53:45 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
setuid
px.ads.linkedin.com/ Frame 7218
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOEG9HJE-1C-LMHU
0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOEG9HJE-1C-LMHU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B5F6E8DC051848E99A5AF24288FF8201 Ref B: ZRHEDGE1407 Ref C: 2023-10-31T14:54:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYJBFS0AdGVDOspDpxCVw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LOEG9HJE-1C-LMHU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7218 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7218
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE9FRzlISkUtMUMtTE1IVQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBbJs4nATJLoE2GMBRGbv6g&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FRzlISkUtMUMtTE1IVQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FRzlISkUtMUMtTE1IVQ==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE9FRzlISkUtMUMtTE1IVQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7218
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2hnRiMMoScaHj897ietwNA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2hnRiMMoScaHj897ietwNA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2hnRiMMoScaHj897ietwNA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X17M0HP6ZX2W3F26PM9M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=2hnRiMMoScaHj897ietwNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7218
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/riviOlqTweI9Rj-YXnlBbcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Vsjx95E2oJ_JhsP_uWM70tggz3R18K98sz59w--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Vsjx95E2oJ_JhsP_uWM70tggz3R18K98sz59w--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 31 Oct 2023 14:54:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7Vsjx95E2oJ_JhsP_uWM70tggz3R18K98sz59w--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 7218
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2bWjgWsLRfuHyJv0h9Q4Tw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2bWjgWsLRfuHyJv0h9Q4Tw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2bWjgWsLRfuHyJv0h9Q4Tw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D4M0Z4H9XS2J8R8228EP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2bWjgWsLRfuHyJv0h9Q4Tw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7218
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKu9xCqesCbrxdDDHB5nEwg&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKu9xCqesCbrxdDDHB5nEwg&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKu9xCqesCbrxdDDHB5nEwg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7218
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjE0NGYxYTU0Y2ZjN2FkOTYzZjZmNDViMTc0NTFlMWEyZGE5ODdmMw
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjE0NGYxYTU0Y2ZjN2FkOTYzZjZmNDViMTc0NTFlMWEyZGE5ODdmMw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjE0NGYxYTU0Y2ZjN2FkOTYzZjZmNDViMTc0NTFlMWEyZGE5ODdmMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7218
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC5dU7KgioAABfIVHASlA&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC5dU7KgioAABfIVHASlA&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC5dU7KgioAABfIVHASlA&expires=30
Date
Tue, 31 Oct 2023 14:54:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 7218
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LOEG9HJE-1C-LMHU
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LOEG9HJE-1C-LMHU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LOEG9HJE-1C-LMHU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 7218
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOEG9HJE-1C-LMHU
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOEG9HJE-1C-LMHU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
an-x-request-uuid
8256faa9-b8a3-4124-8cbd-50dad0f4af85
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LOEG9HJE-1C-LMHU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
pixel
capi.connatix.com/us/ Frame 7218
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LOEG9HJE-1C-LMHU&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LOEG9HJE-1C-LMHU&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://capi.connatix.com/us/pixel?puid=LOEG9HJE-1C-LMHU&pId=11&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 7218
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LOEG9HJE-1C-LMHU
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOEG9HJE-1C-LMHU
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOEG9HJE-1C-LMHU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 31 Oct 2023 14:54:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LOEG9HJE-1C-LMHU
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/sync/ Frame 7218
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOEG9HJE-1C-LMHU
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOEG9HJE-1C-LMHU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
3.67.250.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-250-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LOEG9HJE-1C-LMHU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7218
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d6a7516a-d2a5-410b-987c-9f507af44a7c&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d6a7516a-d2a5-410b-987c-9f507af44a7c&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d6a7516a-d2a5-410b-987c-9f507af44a7c&expires=30
Date
Tue, 31 Oct 2023 14:54:26 GMT
Connection
keep-alive
X-CI-RTID
a9ca66f4-f98d-435e-866f-67f7f5b452bc
Content-Length
144
Content-Type
text/html; charset=utf-8
liveCS.php
live.primis.tech/live/ Frame 7218
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOEG9HJE-1C-LMHU
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOEG9HJE-1C-LMHU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Server
2600:9000:2251:8c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
8BwgD5h-XIh4jNHK9if4i7O2ZS-_nUdRhCOktm5uDbmhVFtYPDHu0A==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LOEG9HJE-1C-LMHU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 31 Oct 2023 15:54:25 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame 35DF 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
306346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Oct 2023 14:54:25 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DF25 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 31 Oct 2023 14:58:00 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=FQB7Hc2UwSnFYssdF1YmXYRf2jm9aszxMWH5hBqUyjKuTx5f0sCoAxDF1%2BbBJtOlKMTyD3xoFnsZFvD3GM5MxVQJRf%2FEKJIoztMbnLc46naG5I4yvVezo%2F7Jt9WqQ%2FJRTyCbkbhXMwWGKYeB5rBC53kCaQyGBuBSrBgvkATFz28wWCdkDDQ12g3cv7WIcqf1Ig5U3KDinvxcY%2FXElqfjTr5qeqidLXrFWKqEqLALCtth9wWRFaIxTZ3%2FmhN2i31fYopfETEp2bvO9nKcR5%2BUQd8nQ5j5jpgY3CdxAiMP0mFoXMXQQX2icNnh8WaEpSwq%2Fba14IddcTXJ9459ZgESYCa6yzA3qM7AjYNvGGBgCUfCdWSfVjXlc5S4yzrAuMji7jjnHjaGGn3VoAQ0bwepvzfhlPg9yWTqk4N95oEEj9ncbDfGPJQeIxFYyIw%2FOs5XE8jGyCDrkEykSMEnoB5ZQ7XezeKDv4K2nXGJU5nOVaZAi6aGm1eDGFHpqEPMnu2vlIZqD7rip1NRIppVdKXxsKJbTWfzzWkUYsxeYgwY2SW1MMRyHnYnWESdWalSDM6ffezDRquLuR%2B2pWU159m%2Bww%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame DA11 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9707d6e62a22e990a7f0c39c793fba66c4cb0f017f51103851dab68ea94b7d2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 06:39:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56738
Connection
keep-alive
Content-Length
11053
Expires
Wed, 01 Nov 2023 06:40:03 GMT
480_650.mp4
cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/ 		164 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 31 Oct 2023 14:54:25 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aWFuZy10aS1zaGVuZy1uYW4teGluZy1tZWktbGktemhhby1taWUtbGlhby10aWFuLWxhby10b25nLXh1ZS14dS1qaXUtZ2FvLWd1LXRvbmcta3VhbmctYmlhby5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtMmY1N2RiMTAtMjM5Mi00ZjYyLTgzMjEtNTg5ODUwNmZiNGNhIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjI3NGQ2YTU3LTg4OTUtNDIzNS04OGJiLTAzZDAwNmVmNWY2MCIsInRpbWVPZkF1Y3Rpb24iOjE2OTg3NjQwNjQ4MjIsImJpZHMiOlt7ImNwbSI6MC4wMzc2ODcsImFkSWQiOiI3N2QyOGUxYmY1ZWVhNjYiLCJvcmlnaW5hbENwbSI6MC4wMzc2ODcsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwMzc2ODcsImZvcm1hdFR5cGUiOiJuYXRpdmUiLCJyZXNwb25zZVRpbWUiOjMwMCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTg3NjQwNjUxMzJ9LHsiY3BtIjowLjAzLCJhZElkIjoiODFmZDc3MGIyY2Q3YjBmIiwib3JpZ2luYWxDcG0iOjAuMDMsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDQ3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODc2NDA2NTMwMX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhcHBuZXh1cyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzdkMjhlMWJmNWVlYTY2IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAzNzY4N30seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMjc0ZDZhNTctODg5NS00MjM1LTg4YmItMDNkMDA2ZWY1ZjYwIiwidGltZU9mQXVjdGlvbiI6MTY5ODc2NDA2NDgyMiwiYmlkcyI6W3siY3BtIjowLjExLCJhZElkIjoiNzU0ODhkODBhNWE4ODQ0Iiwib3JpZ2luYWxDcG0iOjAuMTEsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAxMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MjUxLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODc2NDA2NTA5M30seyJjcG0iOjAuMDU0MzA2LCJhZElkIjoiNzYxMzg1NDZjMWU5Y2JkIiwib3JpZ2luYWxDcG0iOjAuMDU0MzA2LCJiaWRkZXIiOiJhcHBuZXh1cyIsInJldmVudWUiOjAuMDAwMDU0MzA2LCJmb3JtYXRUeXBlIjoibmF0aXZlIiwicmVzcG9uc2VUaW1lIjoyOTksInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk4NzY0MDY1MTMxfSx7ImNwbSI6MC4xNSwiYWRJZCI6IjgwMWI0Y2IwYjZlM2NmZSIsIm9yaWdpbmFsQ3BtIjowLjE1LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAxNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDQ2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5ODc2NDA2NTMwMH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4MDFiNGNiMGI2ZTNjZmUiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMTV9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4168.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:25 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6DB6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 14:54:25 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1326671
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1698764066.858508,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
5681
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.4/ 		426 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5af0dc859041c89bf851237f7f3a1e5ecacf33d3ca6b639b56c5ec08e6e9add5

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1698483664
date
Tue, 31 Oct 2023 14:54:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFFAARTPCHM85DGR
age
280331
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698483676
x-amz-meta-mode
33188
content-length
81953
x-amz-id-2
INdxtVTjYreA7ajvgcqaYb1g/H0J7t6XlnAVLUZPdSOwOZwj3YvZd9Idm5LlHtGcqXNGGh4MAug=
x-served-by
cache-fra-eddf8230067-FRA
last-modified
Sat, 28 Oct 2023 09:01:17 GMT
server
AmazonS3-br
x-timer
S1698764066.917217,VS0,VE0
etag
"046e2210e98a96b334df701c991c6569"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
273803
sync
am-match.taboola.com/ Frame 35E4 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2964c170ea0c2506aa35751385943bc7fbf32641578c66f94365bc3025e8c142

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 31 Oct 2023 14:54:25 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&cmcv=&pix=31579697&cb=1698764065911&uv=3351&tms=1698764065911&su=3&abt=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vG!ufwfrtb_vA!unf_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:25 GMT
content-length
0
server
nginx
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame 061C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16987...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_fy2021.js?bust=31079177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
187
content-length
459
content-type
text/html
date
Tue, 31 Oct 2023 14:51:20 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
x-amz-cf-id
E_R9d9trUnoVlMA9Spuus2ANtErfTMUAWgqrNoIHoqOEfZFOiItn_Q==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:26 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3035925322168159&correlator=3475215047300125&eid=31079240&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&arp=1&abxe=1&dt=1698764066003&lmt=1698760466&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsk-tyJ05tWsZQE4I8U0R5byXkwPsFbrIFX2Latprnk1TwNKWF_CzlxBJSJPj3bObKpopmHBp2styrc8Laz_LXg&ga_vid=941611089.1698764064&ga_sid=1698764064&ga_hid=335915574&ga_fc=true&dlt=1698764063412&idt=901&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_7_0%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_0%26refresh27Split%3Drefresh_experiment_2_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.15%26hb_ap_adid%3D801b4cb0b6e3cfe%26hb_ap_bidder%3Drubicon%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A76138546c1e9cbd%26hb_native_image_appn%3Dhb_native_image%253A76138546c1e9cbd%26hb_native_body_appne%3Dhb_native_body%253A76138546c1e9cbd%26hb_native_title_appn%3Dhb_native_title%253A76138546c1e9cbd%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1e97835a44625b2df57c62bc417fabd53851bf006164fdb549ef8a5cf8024d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12122
x-xss-protection
0
google-lineitem-id
5221339627
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441539650
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3035925322168159&correlator=3475215047300125&eid=31079240&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&arp=1&abxe=1&dt=1698764066008&lmt=1698760466&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsk-tyJ05tWsZQE4I8U0R5byXkwPsFbrIFX2Latprnk1TwNKWF_CzlxBJSJPj3bObKpopmHBp2styrc8Laz_LXg&ga_vid=941611089.1698764064&ga_sid=1698764064&ga_hid=335915574&ga_fc=true&dlt=1698764063412&idt=901&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_7_0%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_0%26ap_refresh_type%3DAV_3%26hb_native_image%3Dhb_native_image%253A77d28e1bf5eea66%26hb_native_linkurl%3Dhb_native_linkurl%253A77d28e1bf5eea66%26hb_native_body%3Dhb_native_body%253A77d28e1bf5eea66%26hb_native_title%3Dhb_native_title%253A77d28e1bf5eea66%26hb_ap_format%3Dnative%26hb_ap_pb%3D0.03%26hb_ap_adid%3D77d28e1bf5eea66%26hb_ap_bidder%3Dappnexus%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A77d28e1bf5eea66%26hb_native_image_appn%3Dhb_native_image%253A77d28e1bf5eea66%26hb_native_body_appne%3Dhb_native_body%253A77d28e1bf5eea66%26hb_native_title_appn%3Dhb_native_title%253A77d28e1bf5eea66%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv8_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45216dba89e6a2e7582cf2330c6644e9734fa99fef1866c32fc23a7a04dbaf72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11391
x-xss-protection
0
google-lineitem-id
5317549578
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305001114
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 31 Oct 2023 14:54:26 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
3215411
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1698764066.087841,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
40348
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=10143&tvi50=12238&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
77
date
Tue, 31 Oct 2023 14:54:26 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59146
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230065-FRA
pragma
no-cache
server
nginx
x-timer
S1698764066.087862,VS0,VE77
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 31 Oct 2023 14:54:26 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
17213
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1698764066.087859,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
32
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
13659
generic
match.adsrvr.org/track/cmf/ Frame 35E4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 35E4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wYJZAspE2oSKW.53xYwFeX2BTPpjHwaPJz36Vw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wYJZAspE2oSKW.53xYwFeX2BTPpjHwaPJz36Vw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38723

Redirect headers

date
Tue, 31 Oct 2023 14:54:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-wYJZAspE2oSKW.53xYwFeX2BTPpjHwaPJz36Vw--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 35E4 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
js
www.googletagmanager.com/gtag/ 		270 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56cc71004ff508068962d6cc538685227b648aa0b5f225a72b1d8c5cb66b5bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91415
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 14:54:26 GMT
khaos.json
token.rubiconproject.com/ Frame DA11 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LOEG9HJE-1C-LMHU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 06:17:50 GMT
x-content-type-options
nosniff
age
290196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:55:47 GMT
x-content-type-options
nosniff
age
295119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127418
x-xss-protection
0
expires
Tue, 31 Oct 2023 14:54:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E74 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
14189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 10:57:57 GMT
expires
Wed, 30 Oct 2024 10:57:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1F26 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
932ff4ef67b5c172b0b040d097309bc8cda91badd8494bfd1d7f225dcdff2a9f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EgY1xmW-wBBXYpGkJS4_aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EgY1xmW-wBBXYpGkJS4_aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:26 GMT
expires
Tue, 31 Oct 2023 14:54:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame 1A62 		724 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1550967&cb=30360248442&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Hadano, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
/
Resource Hash
f37bbc7351a147c46e39abbc29083386e848eb80396410db8bf3257732926c5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame 1A62 		633 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/550/967/a1550967.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6568 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=3600
content-length
445
expires
Tue, 31 Oct 2023 15:54:26 GMT
480_650.mp4
cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/ 		232 KB
232 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Tue, 31 Oct 2023 14:54:26 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
480_650.mp4
cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/ 		88 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 31 Oct 2023 14:54:26 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
truncated
/ Frame BCAF 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6360527bc3a4b8a71c25a967de4b6a09040154b8854988d390cc967b7e31d9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame BCAF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxdXpK5DygRj4PgiBM_tDr-PiRAgkusVCgm1UH1lx2M30F1Ig0W7O5MMrCEzFOt201P9bY86-3ioQEd4VOpgtN5Ao14bagdhcmLReuUuKXPaMlXjyjvw8Ygb0rNnFsktbKwXb7dgikdM6a-PyFwq98t9ZZEP9y6LSq49s6u0EVdbNGsSg0ZbY3cWVrtIqW7BwUzgkK3irvCmZcTOLSICZ83IGNYcvmpKM7Tw0CHUT7b0Q1KEIhvIP5JNrrTVn4dLFkS81AFIiR1u5YKG0n7u4h7P-bihQ7YUAkQNqmWy3fzZUV__pHTdm5E25khSxpiNCYtpQ4&sai=AMfl-YQEVhwQp9cNwoXLJx9JnyhrvX0PDhxzLCW-iUvIxDtwMKMu1mHYb-v2wROURvgrkLsbhRBc7nWTA_PzMzgz1q426o0e8J75vfLqDgjwa2HYF2SAOis_06p3JwEmc6sqi-3Yjw50YBCZkC3TATLL&sig=Cg0ArKJSzHZIH929YioZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 14:54:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 17E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNz-OHvgLMmKnMv-T0pvRZkIf1b4yHSBqCEJV5AU9CuctJVzLpm6WBmbX_GxLU59Ih3Hv7gW-_Fw_mX6ZGaDUwbqFIq61jYZwg_1CSXnIGuc0PKg-kDAtoLnSGC1aa3HWk3828E4cc1hl1zorcQa6-lzd2szxz3ESZJW653ifkeLGn9PTb0TRRFZTUdRbc9AZ0k-2ZHmaGTmbOa391S6P2ZAsM2owEL2jT1BjRhQ2lixt05ctdJGN5KOk8mfmq0WiTq0cDKeR4NjK3UqBH8fs2X7jLQ1lff2vi4w2IYRKdqA9BHEGC-3zSzq73p964A21k7CbbbEcDmeKPaaVXa6g-6vNlpX-3ew&sai=AMfl-YRhB8qEV3DUoAX844ShShVu-XAEGmxvcfEeJe1ttNBaMxhO70uCLM9OSrIXCV8wl2WtJy9yheXasTrQCOH128iBvrgNeEevET6q1Ddg3ySRDT2iUACXXgNSOn0VIgk&sig=Cg0ArKJSzM08cD5Qlr4MEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:33b0:541:cb9a:ca14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame 05B7 		267 B
121 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNW16ik6LFxyLfHrGKBVzZ1RyR-TVJDxg2dKgfxCR2RlNH2UcRcnrOH2x_1UeHlZZs-j9B_erUv1jn4liMaj8P2tPM69Gw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 17E7 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6Uy4qUTeKIHUgYkMacwteL7rfkgBx8F8L5Qma-9bmftIhT2OdU2Rc92hfNFmnHjRggLsWBkhsqpD6eqnud_17BzyEJg-kaa1Idb5jV5W_KFoBAeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17E7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17682563001064296701&x=8&ct=76
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
06809c97-3569-4f30-9403-498eac215c74
beacon-ams3.rubiconproject.com/beacon/d/ Frame 17E7 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/06809c97-3569-4f30-9403-498eac215c74?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=2&e=6A1E40E384DA563B9820FAD9BA717E7750FB9084226231E3461BF8A3BBB030E8DABE7F120511C3F3E248B3CBF7B305D0DCFC19BA47F6673C9A5F88A7DBC2AB9D716FB01A2F5063609D433DB3EBF167A62E5027D981BA1AD7B9ADE0D51AD6B48D2D46BA1B6E6556D7DBC23C59662CCB0021E9EF11F093D0298E05D30D24191AC84E6FC96756E5E571C875344222AB52E3813652DE9AE1D8A985D8F0DCE50E93FF67E37E258B7FE78879F8EB678271C9EA1FD5EC0A0A883D65CDA10306204D320B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::67 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17E7 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:26 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aWFuZy10aS1zaGVuZy1uYW4teGluZy1tZWktbGktemhhby1taWUtbGlhby10aWFuLWxhby10b25nLXh1ZS14dS1qaXUtZ2FvLWd1LXRvbmcta3VhbmctYmlhby5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtMmY1N2RiMTAtMjM5Mi00ZjYyLTgzMjEtNTg5ODUwNmZiNGNhIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMTUsInJlc3BvbnNlVGltZSI6NDQ2LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJydWJpY29uIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxNSwid2lubmVyQWRVbml0SWQiOiI4MDFiNGNiMGI2ZTNjZmUiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiI3Mjh4OTAiLCJwcmViaWRBdWN0aW9uSWQiOiIyNzRkNmE1Ny04ODk1LTQyMzUtODhiYi0wM2QwMDZlZjVmNjAiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4910.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
BmAHiiaA1YYFrPfhVKXM8l5usLvMlATWWUByOfNawoj6jyQhr9t2MfLTYavR%2B%2F7ez7jtOVo7ZNNbqt8w5rLwaVYu7jc99jbLaQ79jFF9C94d9M1Ad8Vyfl7lWBsU3QgQH2xs4Xy19y9giHmRTcduhMPvLble0pwPW8P9%2Bln%2B7A34HIz1otfPci9FRp%2F...
ad.vidverto.io/delivery/video/pod/ Frame 35DF 		52 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/BmAHiiaA1YYFrPfhVKXM8l5usLvMlATWWUByOfNawoj6jyQhr9t2MfLTYavR%2B%2F7ez7jtOVo7ZNNbqt8w5rLwaVYu7jc99jbLaQ79jFF9C94d9M1Ad8Vyfl7lWBsU3QgQH2xs4Xy19y9giHmRTcduhMPvLble0pwPW8P9%2Bln%2B7A34HIz1otfPci9FRp%2FeSviycTwMoq1f6b%2FCXUmDh9SDhj4gfsxcASdJbDDov4voas09TPatL0zg%2BmZbNyiM2rejCkWI3HEaOFgYYgdizIGx4vht18I3x8zbJCYreFd%2BC7hfIfGsMwmw%2BSYaF0OwOX4jPhviBUXX6EyLYFQTPGg%2BMOyKTzRRAi%2FXYVBGWpmp%2BAwTmMJ7PjshVs%2B4vZl%2FPx69p0aPelYimM52wBePjI%2Buzmj6Cg1qgTcw1mienxGocEe26d%2F%2FsZVQSi0%2BeBi21uOMVL4Wsu3K5Y4stzhVenFvYVlqYzWoEPwfOSr9p4KGV2gJZuQjcjeXrBb7SiJlhaEDzo406OQYuQ%2B9KNvV9rX2vUg%2FoktB1g0MISgGspHp04ZThwZk6jnVMmvjT6yGjN9w0f2YgZIiXDx7oAyY6nCENyLC0OopaqNQfh3gxNM7B42J%2F9qcxUHWlvnUS%2B35fwoSeRtk4bJv1wdB0zizJumkE3NtUduakaF0PFbGG%2BvKzPYc%2Bu%2FCnhFK4GOgTrIhbB8QxiDpwtSrOV98oh3DGUFyLslIvh3AjMKsaSTsxwDcxuBbFVTG4SDD3wiTarU4HEPy83ZZs9r6jpgpjoct%2BHYK4YPIxJ385%2FkrnJ6daqBHc7kYrO8WO3kBAuFWKN%2Bu%2Fzkn?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
41dd8c49076ba5c73db693c6f14c1c3fb3013105556201a7a6d8218496802945

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3ap0v886690812&_p=335915574&gcd=11l1l1l1l1&cid=941611089.1698764064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698764066&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=%E6%83%B3%E6%8F%90%E5%8D%87%E7%94%B7%E6%80%A7%E9%AD%85%E5%8A%9B%EF%BC%9F%E6%89%BE%E5%92%A9%E8%81%8A%E5%A4%A9%E3%80%81%E8%80%81%E5%90%8C%E5%AD%B8%E6%95%98%E8%88%8A...%E7%9D%BE%E5%9B%BA%E9%85%AE%E7%8B%82%E9%A3%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 05B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEOMzE050TmBN0Wo4vEQrMm0&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEOMzE050TmBN0Wo4vEQrMm0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=1758f9500c97766912b06a3c40ff96ce&uid=1758f9500c97766912b06a3c40ff9...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNW16ik6LFxyLfHrGKBVzZ1RyR-TVJDxg2dKgfxCR2RlNH2UcRcnrOH2x_1UeHlZZs-j9B_erUv1jn4liMaj8P2tPM69Gw
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:26 GMT
Last-Modified
Tue, 31 Oct 2023 14:54:26 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05B7 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGNn-0_oBMAE&v=APEucNW16ik6LFxyLfHrGKBVzZ1RyR-TVJDxg2dKgfxCR2RlNH2UcRcnrOH2x_1UeHlZZs-j9B_erUv1jn4liMaj8P2tPM69Gw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 35DF 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~loeg9if7&c=3439827716239&slotId=1719913858119.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ACA7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:24 GMT
expires
Wed, 30 Oct 2024 14:54:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 061C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:17 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
3489
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Wed, 01 Nov 2023 13:56:17 GMT
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame D740 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
306347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E5C4 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 31 Oct 2023 14:58:00 GMT
im-uid.js
dmp.im-apps.net/sdk/ Frame 1A62 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:c6::210:6568 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Tue, 31 Oct 2023 14:54:26 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17E7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8863667725159&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17E7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8863667725159&version=m202309260101&ct=76&x=8&cor=17682563001064296000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 17E7 		92 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkDMtiRpBw9PJn6D7LZhYiYY-V4TmTfvVZzRqTJdOi-sBcLN5avNAdKrQXl06jM2N_dEDH1ov8fMDzag77sVS_Pj0lbGNHoXf5NKjfmKiKqBdTK9qBaqWF4KZvWsix0T5tc0JU063xHVyebbxYK63pZA6QFkrKL-b_DZrgUlHMraqg4Fc&dbm_d=AKAmf-CWcRf4rZvqQScPm3vIB2abxf0bUQFmQDCHMpo6XDOzIbsmTIBgbM4Pji5uB_Uk8LV6Qw92zkpTBCjnCZuDc7c2VoVrgfBu7cm10I88FwbLpKaYEoIuS8-Mj85GkYihRDBPJxtfg3ugwhYKPjmn5k5-39fUdUSXpfOrAMFG17rf_H4Q9cu9w9_XHJ07gp8UgUVcaXvewCBgDxr9-KCwfQWtfWeYipP48hmj5s0kyYdjJFvgzy5ulA8QRJSpdmKVdlHydKDJK0MKy77mf4EFPP6IfUk3jROrgTAlL03A0SfeSvDYWqyHJGltLW6tTamYBE0O5JwFanPbJ9KVgnJEfuasfbRYktDV-wo4kBsGDgagXPE6E16-jPXi7dBpsMJqgS_ogqfBYnCNcQgCFhS5bVVXqStJVavGnee-sxLSGbqoEmY3zUhbesDIX1AkjjrneTWRXtB3bjnv2hqJvK2qkP_Ybu7I2iXtN-qxlH5KiBIE9tfzNqm-1Qv5ZGnRlBwehRUyGT0Z-2QVZLvuHGt5QxmM9dMuphXCXTgQYIDvG6MWHjLwhyvuSIjcg2DFqobpq8xnrdSiQbcwTXXdF5hEAKeCSJ_GFBqn3RGEGBf4ktbec5sGugD6ZoJwzPeuOs9dhgCfwF6U9Xate_ia5Cl-fF_4qLRbjjhMXjR0zfezLAO3JL4e9jslU2PjZL1SX8CTg5HKGbBqzqzCI9_JEzcIEI-b0f-qOOD35luN8j_HcI8dEtg7TtaOLy9Zewj8_KcXhIkQX-UbY_ntfuX90S2aDWfow_dMAmGU3YOFp_M9W6e-EUBonX_BxmMCYTenD2tEHdDz0TiIv_fQ7QyqqD2iLuLrZ5NuLwlEwODYDtWrR5t_6hhpDG6HrXOtMh6EnORjP3NQ5bw66_p_7wZ0Qklv7eJ5exwbCjTVZ0VOzxKO0reUdVioHTKNFmxn-kKEhPjhe266tIyOrjPXWyDfeMvDisBI72ufNjsCdXy2L0S8peotOY3qViZNBMHY32nFRKHuP0mrzkD9ge62UZzWA0cUAuYQNSyYpK2r1_r78yP2WZF9kDWHkg4wpKR_bRTi-Hc49eVTwsicjxu45LFZ1HKsauMtx8qYgGmQZ4kpScT66Zsyi_te-37lqgM6KF_j537l49nJWYPEQo6ZMkO8ZRKPtF6r8u2hEdNcjMcpedaCa2j48NnZpkdzpUzrox2-eIcGSuEtkpT7p2d5_624ci5qM4RdyxMZpogn6o1jbb2aN3i19B5_frYdevt8MC8rv0qF_Wn8YmFji2jyOveO7r_LqrVGmhLqb4tfJBUQ_7caW86p8cZUHXkIJb4-tc_HB_vHwkJALgG6prRn6VaQP2WPqMA1eg4s4OQl7xfH_WnvF7u4JqFhccMnjwHmXP91LMX8pYVkIlvGO2XuZRBXuznbi4dOWSfx_kkqjaoh6SPfUkDHXKDnK761JdyPW12mNkvr8RZQ0uDrT8886E_yG71Qg10XZmBd9vSJYfB-GHruL0BcY9m_Zw5pTKbvbNOndgstZKh3q-kGH_8tOMCrtkO38TdN29XPBEHWu88hW3TCQnbU7gYrniBdV1q08zLyX-snUNWOJA_kZAWoliXSGcCm3IBQ4Hr3ovfdyrp1e0IZXReAqLhdCKGbGEXrtrIynP33jBB6VHIMgrRdgWsexVuJZgev-l1Qs9Fh0McLLxjsf-LLwR3FcNTbZC2ufM47ObrwAropaj5-BEJ2p_YERnOTvXAswOyKeQg04cyKeoiJdf4jn87qyBVSICoH2sa4OHJRHQ1Lr-RXk4qRunIXS246frrtY34tTzGqdgrs5kUCh9uzDWx_YtICh2-pFcPZaOM9y7PHPlpS4aOR7Sk-BcuPvSV5pHWpNnMlyUTfEUAnhgwcsyl3ojRA8WXAb8rd2-mAhAbBbhFFxvLwGeJJifX_-rz3Xoip3oYa0v0wIheg-TLyEo3ICtNJ0rBVUQRDqnRInjL44idYaSNI-Iq54tTCfitvuM1jb4xRBricc4SA4zBv7RHdOouvP0g-hAL_iu6NZjpvG04rRUt3QmhhKCKEeyZfTMn8dYsx6wpw9HzBlY9VScyxqYP4COnFKKU5YwLVxIC6qklnbiJzE22pj6dzb1MqL__0FkCRTJcbA_HyLNXbjdMBhfUR8mSvW9uN0CH4AnHGC8TNo1YlIOAvuMQgpZQPaGrxd4KVFSTFkZBIFdByt86PeUgOBbUQCtSMqI1WdEqHB_jv9rEL69G9dxbQXtWPEzau9c4jvSLUS44XPgkpTf3o0msHM1eftik90Bh0kiShUqNzg6-DjwTnA7ppCChF8WSg_LXtrER-LKi0KWzvAuwF-UpSZ6JSHMXDaZEpgJ7LvhtTORh-7EQtuZpvZksazOL6iztfHyYtiDmg8DwaiS4GMD5npgTJfw0etm3Tesieg2HRmxCRfmBAQ-K1dBCEhJznwEoB5GW7qEORFDAIerZYfjY1RBky0A_033RHzWaUZsYBhkaJ9yvXVxmefUcerT56smmALLs2TtprtR-LgdPrZtyeE-X4EcVdWLrQZ78KJbukTbtamhEyy9vDZ_dgS_yJSy1jz2udLLWwk_FyrWsxA7xGpOLk4ZJQJkCCVcfdUb4pY2b9sm3bBG-d81LUV361yHqTs28geRc3YDHIxsrP0pwnzu8P5_vXl7eP1eXkCToOmUKq7yJIAPiaC1K9ViTNNp_6jGi34qm7bJPlhtKU6mP3Wz-FTAbTyI3RaVCubXaBBoJIGasGqYJbd9lRflUfn9aJq7HXcPba5vss1E3DVf1ZnlODBPg_V2WnuHEeFeGdZVf_zg4N5sRAqLEDxFR_e6K4zEP6iA01cpSQanN3tu-BGRUf-oUzduQE-Aryh27Z3uwNvqmK3Y59VHXCVvdvL6srK7f0kQiMcc_Vy-HbqzgPh0P1xVRUCIo1iKurFZWdHv2rCyy1Os0qNNm-QTGKJZcyRyTVradzUr3y7h_2lDK6ig2JHXhpeG2-peaJfoMihqCAjJISfuiydCw_qEB5exdTB6OlOkVIQAB21AIbNSMlnSSyXJfOuVlplsSnrKOkpDaI_dHrjtD0YVlabS1QKj5fWqIMCkweLgk1nap84CcPdEZ81TFtCnx2yrMIBG19Sk-Q_fau0UTM0h6nGSuk1v8RWHvVrkhUdj_B010ikBf1xkyCyrK8PwTDfgXKAznSkRqoOR20RhWFTiVIW_7Bgm6gMlMJUKxlqD7lhGsXFUe3W8G_qZPoGF7UBn7K1SHwslPaomArsR5DByWCGqYAy6AzcDNtxFBfeJkuD3SAOAHi2oiUqFHrmO0O0I1Hn16hollvLk_0QNBm4yr05Mkm5MyVaVVhH_5lycOgvoD5Q8Vq0d2RN14FbH7pOp2NexSdhNI9hvNc8J7UJpa4rS2erOjxxuHsvkav93r1pQKM2_VQmU61HcTNMHQfjuumphSnO5TIWlKlhwD2sQS0YL_t-58NBh7CHRVGDP8FRfFMyjPh07IiR9fyF_ba4z9eMqd1uyBpQb-bcSDwkH9w1wZIA5UYhhk6jG5qxFyTr4FWzsdVuIlzbl6rOhcfpYpyOw5Au1KrXarO9DKLcTuTaE8RZ0GLZKAS9RZqOnM55fNzu5pe1YMz8LImqEqagZ6KimMZRaj0Jy0w5Evr40dOMWY7z_0QqrE7mG5oKaz4NEeudiUXoxLY641T9b9D5qDmURFizSe6kFNtXnCQB-Mlz4f6mXt7QCwfHPgoEysVFveD7mlcT_9bc9lojqKOogMJ7uoS&pr=8%3ACB0CB3C65C13E4CE&cid=CAQSMgDICaaNdetl9TNoWlJUP6DJ62jJYLYiU-TgaEgwW2I13NCQeJCseuW43gqOUmCtXRpQGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&ds=l&xdt=0&iif=1&cor=17682563001064296000&adk=390354101&idt=77&cac=0&dtd=59
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04736547cedcfa3017ab9590abd5d0db741085ed9d45231d250355d3e910f73f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39368
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310240101&jk=1669287961926291&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
adx3.adform.net/adx/ Frame 35DF 		65 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 35DF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2691732793690263&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=84E5CB24-E0AA-4C7E-86AA-1275013B2903&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764066824&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=264980189324870&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 35DF 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2691732793690263&cust_params=mt_fln%3D1.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=84E5CB24-E0AA-4C7E-86AA-1275013B2903&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764066828&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=264980189324870&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 35DF 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2691732793690263&cust_params=mt_fln%3D1.3&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=84E5CB24-E0AA-4C7E-86AA-1275013B2903&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764066836&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=264980189324870&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 35DF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2691732793690263&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=84E5CB24-E0AA-4C7E-86AA-1275013B2903&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764066839&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=264980189324870&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 35DF 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2691732793690263&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=84E5CB24-E0AA-4C7E-86AA-1275013B2903&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44802463&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764066842&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=264980189324870&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 35DF 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2691732793690263&cust_params=mt_fln%3D0.8&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=84E5CB24-E0AA-4C7E-86AA-1275013B2903&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764066844&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=264980189324870&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 35DF 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2691732793690263&cust_params=target%3D0.5&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=84E5CB24-E0AA-4C7E-86AA-1275013B2903&nel=0&eid=44733246%2C44772139%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764066846&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=264980189324870&ged=ve4_td4_tt1_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ACA7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
URL: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
375617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Oct 2024 06:34:09 GMT
native-trk.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame ACA7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/native-trk.js
Requested by
Host: 34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
URL: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f82c6dfd3fe1bc4eef0b0facc251264f2193ac0233bdfb87cf9d75aba8e8a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20040
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220045-FRA, cache-yyz4554-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2fce-wjD8EdtI/0k7sSEjTK6kjYlWuRs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jTFMyaC4UuMvaZ0rEPNLVH8lqpnlodPp4nZ0vVQz%2FoFQgigYyiQW9S%2Fn01N49ngviK1I0R69HqPCk0KkVl%2F6LhiBcKCXT5aOcWPwGhw7AThqe5n6SuaLhqKu21BUZeUwHzx39d8XdY90PDc52M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81ecbbba292b30ee-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ACA7 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
URL: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:26 GMT
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 3E74 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 10:57:22 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 061C
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12886
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJsbao8B83gYfm5Oof0iujhV%2FN5N7WQ4nDX7N8upKKqe9sQtoL%2By6zXFTcxl%2FpQ45vaC7tpLfJbTp4dp%2F1wxlXp2wGuQT2c4x0jn9kc1QUjW%2Bw59v5S0ZPS6lZUMeURyoZ9s3n0qA7aM7idWuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81ecbbbdff6a5b5c-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
get
audiencedata.im-apps.net/imuid/ Frame 1A62 		10 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HE33N4AP30A3SNG1MZM79HFM
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Tue, 31 Oct 2023 14:54:27 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 17E7 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Nov 2023 02:22:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 17E7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkDMtiRpBw9PJn6D7LZhYiYY-V4TmTfvVZzRqTJdOi-sBcLN5avNAdKrQXl06jM2N_dEDH1ov8fMDzag77sVS_Pj0lbGNHoXf5NKjfmKiKqBdTK9qBaqWF4KZvWsix0T5tc0JU063xHVyebbxYK63pZA6QFkrKL-b_DZrgUlHMraqg4Fc&dbm_d=AKAmf-CWcRf4rZvqQScPm3vIB2abxf0bUQFmQDCHMpo6XDOzIbsmTIBgbM4Pji5uB_Uk8LV6Qw92zkpTBCjnCZuDc7c2VoVrgfBu7cm10I88FwbLpKaYEoIuS8-Mj85GkYihRDBPJxtfg3ugwhYKPjmn5k5-39fUdUSXpfOrAMFG17rf_H4Q9cu9w9_XHJ07gp8UgUVcaXvewCBgDxr9-KCwfQWtfWeYipP48hmj5s0kyYdjJFvgzy5ulA8QRJSpdmKVdlHydKDJK0MKy77mf4EFPP6IfUk3jROrgTAlL03A0SfeSvDYWqyHJGltLW6tTamYBE0O5JwFanPbJ9KVgnJEfuasfbRYktDV-wo4kBsGDgagXPE6E16-jPXi7dBpsMJqgS_ogqfBYnCNcQgCFhS5bVVXqStJVavGnee-sxLSGbqoEmY3zUhbesDIX1AkjjrneTWRXtB3bjnv2hqJvK2qkP_Ybu7I2iXtN-qxlH5KiBIE9tfzNqm-1Qv5ZGnRlBwehRUyGT0Z-2QVZLvuHGt5QxmM9dMuphXCXTgQYIDvG6MWHjLwhyvuSIjcg2DFqobpq8xnrdSiQbcwTXXdF5hEAKeCSJ_GFBqn3RGEGBf4ktbec5sGugD6ZoJwzPeuOs9dhgCfwF6U9Xate_ia5Cl-fF_4qLRbjjhMXjR0zfezLAO3JL4e9jslU2PjZL1SX8CTg5HKGbBqzqzCI9_JEzcIEI-b0f-qOOD35luN8j_HcI8dEtg7TtaOLy9Zewj8_KcXhIkQX-UbY_ntfuX90S2aDWfow_dMAmGU3YOFp_M9W6e-EUBonX_BxmMCYTenD2tEHdDz0TiIv_fQ7QyqqD2iLuLrZ5NuLwlEwODYDtWrR5t_6hhpDG6HrXOtMh6EnORjP3NQ5bw66_p_7wZ0Qklv7eJ5exwbCjTVZ0VOzxKO0reUdVioHTKNFmxn-kKEhPjhe266tIyOrjPXWyDfeMvDisBI72ufNjsCdXy2L0S8peotOY3qViZNBMHY32nFRKHuP0mrzkD9ge62UZzWA0cUAuYQNSyYpK2r1_r78yP2WZF9kDWHkg4wpKR_bRTi-Hc49eVTwsicjxu45LFZ1HKsauMtx8qYgGmQZ4kpScT66Zsyi_te-37lqgM6KF_j537l49nJWYPEQo6ZMkO8ZRKPtF6r8u2hEdNcjMcpedaCa2j48NnZpkdzpUzrox2-eIcGSuEtkpT7p2d5_624ci5qM4RdyxMZpogn6o1jbb2aN3i19B5_frYdevt8MC8rv0qF_Wn8YmFji2jyOveO7r_LqrVGmhLqb4tfJBUQ_7caW86p8cZUHXkIJb4-tc_HB_vHwkJALgG6prRn6VaQP2WPqMA1eg4s4OQl7xfH_WnvF7u4JqFhccMnjwHmXP91LMX8pYVkIlvGO2XuZRBXuznbi4dOWSfx_kkqjaoh6SPfUkDHXKDnK761JdyPW12mNkvr8RZQ0uDrT8886E_yG71Qg10XZmBd9vSJYfB-GHruL0BcY9m_Zw5pTKbvbNOndgstZKh3q-kGH_8tOMCrtkO38TdN29XPBEHWu88hW3TCQnbU7gYrniBdV1q08zLyX-snUNWOJA_kZAWoliXSGcCm3IBQ4Hr3ovfdyrp1e0IZXReAqLhdCKGbGEXrtrIynP33jBB6VHIMgrRdgWsexVuJZgev-l1Qs9Fh0McLLxjsf-LLwR3FcNTbZC2ufM47ObrwAropaj5-BEJ2p_YERnOTvXAswOyKeQg04cyKeoiJdf4jn87qyBVSICoH2sa4OHJRHQ1Lr-RXk4qRunIXS246frrtY34tTzGqdgrs5kUCh9uzDWx_YtICh2-pFcPZaOM9y7PHPlpS4aOR7Sk-BcuPvSV5pHWpNnMlyUTfEUAnhgwcsyl3ojRA8WXAb8rd2-mAhAbBbhFFxvLwGeJJifX_-rz3Xoip3oYa0v0wIheg-TLyEo3ICtNJ0rBVUQRDqnRInjL44idYaSNI-Iq54tTCfitvuM1jb4xRBricc4SA4zBv7RHdOouvP0g-hAL_iu6NZjpvG04rRUt3QmhhKCKEeyZfTMn8dYsx6wpw9HzBlY9VScyxqYP4COnFKKU5YwLVxIC6qklnbiJzE22pj6dzb1MqL__0FkCRTJcbA_HyLNXbjdMBhfUR8mSvW9uN0CH4AnHGC8TNo1YlIOAvuMQgpZQPaGrxd4KVFSTFkZBIFdByt86PeUgOBbUQCtSMqI1WdEqHB_jv9rEL69G9dxbQXtWPEzau9c4jvSLUS44XPgkpTf3o0msHM1eftik90Bh0kiShUqNzg6-DjwTnA7ppCChF8WSg_LXtrER-LKi0KWzvAuwF-UpSZ6JSHMXDaZEpgJ7LvhtTORh-7EQtuZpvZksazOL6iztfHyYtiDmg8DwaiS4GMD5npgTJfw0etm3Tesieg2HRmxCRfmBAQ-K1dBCEhJznwEoB5GW7qEORFDAIerZYfjY1RBky0A_033RHzWaUZsYBhkaJ9yvXVxmefUcerT56smmALLs2TtprtR-LgdPrZtyeE-X4EcVdWLrQZ78KJbukTbtamhEyy9vDZ_dgS_yJSy1jz2udLLWwk_FyrWsxA7xGpOLk4ZJQJkCCVcfdUb4pY2b9sm3bBG-d81LUV361yHqTs28geRc3YDHIxsrP0pwnzu8P5_vXl7eP1eXkCToOmUKq7yJIAPiaC1K9ViTNNp_6jGi34qm7bJPlhtKU6mP3Wz-FTAbTyI3RaVCubXaBBoJIGasGqYJbd9lRflUfn9aJq7HXcPba5vss1E3DVf1ZnlODBPg_V2WnuHEeFeGdZVf_zg4N5sRAqLEDxFR_e6K4zEP6iA01cpSQanN3tu-BGRUf-oUzduQE-Aryh27Z3uwNvqmK3Y59VHXCVvdvL6srK7f0kQiMcc_Vy-HbqzgPh0P1xVRUCIo1iKurFZWdHv2rCyy1Os0qNNm-QTGKJZcyRyTVradzUr3y7h_2lDK6ig2JHXhpeG2-peaJfoMihqCAjJISfuiydCw_qEB5exdTB6OlOkVIQAB21AIbNSMlnSSyXJfOuVlplsSnrKOkpDaI_dHrjtD0YVlabS1QKj5fWqIMCkweLgk1nap84CcPdEZ81TFtCnx2yrMIBG19Sk-Q_fau0UTM0h6nGSuk1v8RWHvVrkhUdj_B010ikBf1xkyCyrK8PwTDfgXKAznSkRqoOR20RhWFTiVIW_7Bgm6gMlMJUKxlqD7lhGsXFUe3W8G_qZPoGF7UBn7K1SHwslPaomArsR5DByWCGqYAy6AzcDNtxFBfeJkuD3SAOAHi2oiUqFHrmO0O0I1Hn16hollvLk_0QNBm4yr05Mkm5MyVaVVhH_5lycOgvoD5Q8Vq0d2RN14FbH7pOp2NexSdhNI9hvNc8J7UJpa4rS2erOjxxuHsvkav93r1pQKM2_VQmU61HcTNMHQfjuumphSnO5TIWlKlhwD2sQS0YL_t-58NBh7CHRVGDP8FRfFMyjPh07IiR9fyF_ba4z9eMqd1uyBpQb-bcSDwkH9w1wZIA5UYhhk6jG5qxFyTr4FWzsdVuIlzbl6rOhcfpYpyOw5Au1KrXarO9DKLcTuTaE8RZ0GLZKAS9RZqOnM55fNzu5pe1YMz8LImqEqagZ6KimMZRaj0Jy0w5Evr40dOMWY7z_0QqrE7mG5oKaz4NEeudiUXoxLY641T9b9D5qDmURFizSe6kFNtXnCQB-Mlz4f6mXt7QCwfHPgoEysVFveD7mlcT_9bc9lojqKOogMJ7uoS&pr=8%3ACB0CB3C65C13E4CE&cid=CAQSMgDICaaNdetl9TNoWlJUP6DJ62jJYLYiU-TgaEgwW2I13NCQeJCseuW43gqOUmCtXRpQGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&ds=l&xdt=0&iif=1&cor=17682563001064296000&adk=390354101&idt=77&cac=0&dtd=59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
70405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:21:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 17E7 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkDMtiRpBw9PJn6D7LZhYiYY-V4TmTfvVZzRqTJdOi-sBcLN5avNAdKrQXl06jM2N_dEDH1ov8fMDzag77sVS_Pj0lbGNHoXf5NKjfmKiKqBdTK9qBaqWF4KZvWsix0T5tc0JU063xHVyebbxYK63pZA6QFkrKL-b_DZrgUlHMraqg4Fc&dbm_d=AKAmf-CWcRf4rZvqQScPm3vIB2abxf0bUQFmQDCHMpo6XDOzIbsmTIBgbM4Pji5uB_Uk8LV6Qw92zkpTBCjnCZuDc7c2VoVrgfBu7cm10I88FwbLpKaYEoIuS8-Mj85GkYihRDBPJxtfg3ugwhYKPjmn5k5-39fUdUSXpfOrAMFG17rf_H4Q9cu9w9_XHJ07gp8UgUVcaXvewCBgDxr9-KCwfQWtfWeYipP48hmj5s0kyYdjJFvgzy5ulA8QRJSpdmKVdlHydKDJK0MKy77mf4EFPP6IfUk3jROrgTAlL03A0SfeSvDYWqyHJGltLW6tTamYBE0O5JwFanPbJ9KVgnJEfuasfbRYktDV-wo4kBsGDgagXPE6E16-jPXi7dBpsMJqgS_ogqfBYnCNcQgCFhS5bVVXqStJVavGnee-sxLSGbqoEmY3zUhbesDIX1AkjjrneTWRXtB3bjnv2hqJvK2qkP_Ybu7I2iXtN-qxlH5KiBIE9tfzNqm-1Qv5ZGnRlBwehRUyGT0Z-2QVZLvuHGt5QxmM9dMuphXCXTgQYIDvG6MWHjLwhyvuSIjcg2DFqobpq8xnrdSiQbcwTXXdF5hEAKeCSJ_GFBqn3RGEGBf4ktbec5sGugD6ZoJwzPeuOs9dhgCfwF6U9Xate_ia5Cl-fF_4qLRbjjhMXjR0zfezLAO3JL4e9jslU2PjZL1SX8CTg5HKGbBqzqzCI9_JEzcIEI-b0f-qOOD35luN8j_HcI8dEtg7TtaOLy9Zewj8_KcXhIkQX-UbY_ntfuX90S2aDWfow_dMAmGU3YOFp_M9W6e-EUBonX_BxmMCYTenD2tEHdDz0TiIv_fQ7QyqqD2iLuLrZ5NuLwlEwODYDtWrR5t_6hhpDG6HrXOtMh6EnORjP3NQ5bw66_p_7wZ0Qklv7eJ5exwbCjTVZ0VOzxKO0reUdVioHTKNFmxn-kKEhPjhe266tIyOrjPXWyDfeMvDisBI72ufNjsCdXy2L0S8peotOY3qViZNBMHY32nFRKHuP0mrzkD9ge62UZzWA0cUAuYQNSyYpK2r1_r78yP2WZF9kDWHkg4wpKR_bRTi-Hc49eVTwsicjxu45LFZ1HKsauMtx8qYgGmQZ4kpScT66Zsyi_te-37lqgM6KF_j537l49nJWYPEQo6ZMkO8ZRKPtF6r8u2hEdNcjMcpedaCa2j48NnZpkdzpUzrox2-eIcGSuEtkpT7p2d5_624ci5qM4RdyxMZpogn6o1jbb2aN3i19B5_frYdevt8MC8rv0qF_Wn8YmFji2jyOveO7r_LqrVGmhLqb4tfJBUQ_7caW86p8cZUHXkIJb4-tc_HB_vHwkJALgG6prRn6VaQP2WPqMA1eg4s4OQl7xfH_WnvF7u4JqFhccMnjwHmXP91LMX8pYVkIlvGO2XuZRBXuznbi4dOWSfx_kkqjaoh6SPfUkDHXKDnK761JdyPW12mNkvr8RZQ0uDrT8886E_yG71Qg10XZmBd9vSJYfB-GHruL0BcY9m_Zw5pTKbvbNOndgstZKh3q-kGH_8tOMCrtkO38TdN29XPBEHWu88hW3TCQnbU7gYrniBdV1q08zLyX-snUNWOJA_kZAWoliXSGcCm3IBQ4Hr3ovfdyrp1e0IZXReAqLhdCKGbGEXrtrIynP33jBB6VHIMgrRdgWsexVuJZgev-l1Qs9Fh0McLLxjsf-LLwR3FcNTbZC2ufM47ObrwAropaj5-BEJ2p_YERnOTvXAswOyKeQg04cyKeoiJdf4jn87qyBVSICoH2sa4OHJRHQ1Lr-RXk4qRunIXS246frrtY34tTzGqdgrs5kUCh9uzDWx_YtICh2-pFcPZaOM9y7PHPlpS4aOR7Sk-BcuPvSV5pHWpNnMlyUTfEUAnhgwcsyl3ojRA8WXAb8rd2-mAhAbBbhFFxvLwGeJJifX_-rz3Xoip3oYa0v0wIheg-TLyEo3ICtNJ0rBVUQRDqnRInjL44idYaSNI-Iq54tTCfitvuM1jb4xRBricc4SA4zBv7RHdOouvP0g-hAL_iu6NZjpvG04rRUt3QmhhKCKEeyZfTMn8dYsx6wpw9HzBlY9VScyxqYP4COnFKKU5YwLVxIC6qklnbiJzE22pj6dzb1MqL__0FkCRTJcbA_HyLNXbjdMBhfUR8mSvW9uN0CH4AnHGC8TNo1YlIOAvuMQgpZQPaGrxd4KVFSTFkZBIFdByt86PeUgOBbUQCtSMqI1WdEqHB_jv9rEL69G9dxbQXtWPEzau9c4jvSLUS44XPgkpTf3o0msHM1eftik90Bh0kiShUqNzg6-DjwTnA7ppCChF8WSg_LXtrER-LKi0KWzvAuwF-UpSZ6JSHMXDaZEpgJ7LvhtTORh-7EQtuZpvZksazOL6iztfHyYtiDmg8DwaiS4GMD5npgTJfw0etm3Tesieg2HRmxCRfmBAQ-K1dBCEhJznwEoB5GW7qEORFDAIerZYfjY1RBky0A_033RHzWaUZsYBhkaJ9yvXVxmefUcerT56smmALLs2TtprtR-LgdPrZtyeE-X4EcVdWLrQZ78KJbukTbtamhEyy9vDZ_dgS_yJSy1jz2udLLWwk_FyrWsxA7xGpOLk4ZJQJkCCVcfdUb4pY2b9sm3bBG-d81LUV361yHqTs28geRc3YDHIxsrP0pwnzu8P5_vXl7eP1eXkCToOmUKq7yJIAPiaC1K9ViTNNp_6jGi34qm7bJPlhtKU6mP3Wz-FTAbTyI3RaVCubXaBBoJIGasGqYJbd9lRflUfn9aJq7HXcPba5vss1E3DVf1ZnlODBPg_V2WnuHEeFeGdZVf_zg4N5sRAqLEDxFR_e6K4zEP6iA01cpSQanN3tu-BGRUf-oUzduQE-Aryh27Z3uwNvqmK3Y59VHXCVvdvL6srK7f0kQiMcc_Vy-HbqzgPh0P1xVRUCIo1iKurFZWdHv2rCyy1Os0qNNm-QTGKJZcyRyTVradzUr3y7h_2lDK6ig2JHXhpeG2-peaJfoMihqCAjJISfuiydCw_qEB5exdTB6OlOkVIQAB21AIbNSMlnSSyXJfOuVlplsSnrKOkpDaI_dHrjtD0YVlabS1QKj5fWqIMCkweLgk1nap84CcPdEZ81TFtCnx2yrMIBG19Sk-Q_fau0UTM0h6nGSuk1v8RWHvVrkhUdj_B010ikBf1xkyCyrK8PwTDfgXKAznSkRqoOR20RhWFTiVIW_7Bgm6gMlMJUKxlqD7lhGsXFUe3W8G_qZPoGF7UBn7K1SHwslPaomArsR5DByWCGqYAy6AzcDNtxFBfeJkuD3SAOAHi2oiUqFHrmO0O0I1Hn16hollvLk_0QNBm4yr05Mkm5MyVaVVhH_5lycOgvoD5Q8Vq0d2RN14FbH7pOp2NexSdhNI9hvNc8J7UJpa4rS2erOjxxuHsvkav93r1pQKM2_VQmU61HcTNMHQfjuumphSnO5TIWlKlhwD2sQS0YL_t-58NBh7CHRVGDP8FRfFMyjPh07IiR9fyF_ba4z9eMqd1uyBpQb-bcSDwkH9w1wZIA5UYhhk6jG5qxFyTr4FWzsdVuIlzbl6rOhcfpYpyOw5Au1KrXarO9DKLcTuTaE8RZ0GLZKAS9RZqOnM55fNzu5pe1YMz8LImqEqagZ6KimMZRaj0Jy0w5Evr40dOMWY7z_0QqrE7mG5oKaz4NEeudiUXoxLY641T9b9D5qDmURFizSe6kFNtXnCQB-Mlz4f6mXt7QCwfHPgoEysVFveD7mlcT_9bc9lojqKOogMJ7uoS&pr=8%3ACB0CB3C65C13E4CE&cid=CAQSMgDICaaNdetl9TNoWlJUP6DJ62jJYLYiU-TgaEgwW2I13NCQeJCseuW43gqOUmCtXRpQGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&ds=l&xdt=0&iif=1&cor=17682563001064296000&adk=390354101&idt=77&cac=0&dtd=59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
70410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11597
x-xss-protection
0
server
cafe
etag
8023538936332676572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:20:57 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 17E7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 14:17:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
347788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 14:17:59 GMT
usync.html
eus.rubiconproject.com/ Frame 1026 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Oct 2023 14:54:27 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 17E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEMy4a41ay4QSSXBUKHXLXYhp2qD1vQa1oIucUJPP9yVVxsD3A-IhRPXNH11-ARiSiHJwqSwI_0Kh-gkTPCFzAw2ybREGoDQM8j_4Hmf_3VyTegb6DYo3aNXPoSyPKjRLY03gFFybBvShUM0BJTFLOXt6XNv8gd4DWxVwj2xsaKl9tQkscBJwlOvM9AlMDyguIUJF65K67YopZwJJ_i4ckGeijLvEyQCNa5jBwsPPOtOXiQBSRxWvKRWnGY8e3J62iisS1qdHsXTaEu7aU0mDnJPRNU9qL6Thus1Qza0JLNtn5Lp8a0_HA8cRs7uhErp_txP-Hf4Wd5bxHKv3GVvlLouafeZRTWSsQ&sai=AMfl-YQvWiaH6Wsv4TXXzrcJjZlM_K2UCox0L1XzqZm7rfH-ElLV9QM1AiFGKKMLCfmYgzQiPrjxgqkrEg2A9YswtKsMuXpiAaCOQQXcnkpqZhVxujp_5m-m8iQsothZ0DA&sig=Cg0ArKJSzJm4nILQkTlCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 14:54:27 GMT
truncated
/ Frame 17E7 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99b46238d6583f6e5f580d46f54f6501132d0de0088e58fcafbd785d4887d873

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 35DF 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~loeg9irt&c=3439827716239&slotId=1719913858119.5&ghmsh_eids=44733246%2C44772139%2C44777649%2C44781409%2C44802463&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 1026 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9707d6e62a22e990a7f0c39c793fba66c4cb0f017f51103851dab68ea94b7d2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 06:39:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56736
Connection
keep-alive
Content-Length
11053
Expires
Wed, 01 Nov 2023 06:40:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ACA7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfnKMYxdU9m-jux8OLIgq1Ym0_pAh1Uy-c2MQBeeS6guEyzjtFy6-sWE_IN8by_Y1reBOTqoFYtiwPSYXyo4qZ0JcQcfXkpm0Mn_Ui-3hd_VjC6eSA_-Lq05fyruHxe0t0ipA7kOU7tvdP0qzsR439KVV_GDZcKT_2AR7ChKdtWAcyHZu0ABYJ80B7auJH9_cICtL9f8K-E_E30J2wRJek8SsSlalA7uNVoSAD-NGINSt5DwWV2xh7pB0pFFyXN42_bSVObWFLNouDuitgW3fUtgM7dBIPtIY0Ry68udDSY0COGRtchYWi9tEYcCxI2ZNyCse1KQUKKg1OjR44TR6OfHluIO32LWTu&sai=AMfl-YQ_3UQUtJPvLdcgdOolp_pazt2MMgHVqEiJx4B-5vGPH2UJXeBgu-ynYpkZDyU1MKKSFIYrXULjTtbyRPeZ9jyjQeN_RjIexr6H1u3xkTXXx5yqdhtCvaGRrLRFIPo&sig=Cg0ArKJSzKumdq9RSvBFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
URL: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 35DF 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~loeg9j8f&c=3439827716239&slotId=1719913858119.5&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
hb_native_image:77d28e1bf5eea66
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ACA7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:77d28e1bf5eea66
Requested by
Host: 34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
URL: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27cec687542bed4488663d01cce652836eb85f2f5fa769c0d997454350cc6b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1614
x-xss-protection
0
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Nov 2023 14:54:27 GMT
csi
csi.gstatic.com/ Frame 35DF 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~loeg9j9s&c=3439827716239&slotId=1719913858119.5&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame ACA7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5689bea7fef395b56ca5de0d36d6d081214da4703970c9e547a3ed0b84b445

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 17E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssclU1A7AgBaCuXD0TL6VsnS9s1NYcLPF4nR_4NT-2MnrBOrmbtA02rIB4DHmuwWUiOktmtTpSL6JVu6SmetIsILnjTh8l5VwlOCa9EsgLf9nDqznD5nVi2XFiqL6LHm-43MYrL6ZHmWeNkkXEyCq-DTOiKC15uRS6YZv5zaU9pqspdDodJk7dA8ekQJQ-5qiydjG-SAeG4imS4HgGP3ibCAzUMITH5rWcj2JbLcOkOwEiN4rbV_egMEU11irdqyM0fvnJpDTn17zoi0TkE1rPgtP6Sgh4PEE3VL_aE6Hb9UA_auWuLRvl6eZIQMTxabCxja1ZdGTnckafuJel_IQnIqtQ8le4esTplve2kGT-uOPH6SjqeEP3H4GYtkvKf3k_FasZUuf9ry-DpLSxqogA4e0JKvhJWABTaXCdUkP2b5sADMOrpJVW-TqRiY76qhpCAc6EVhENJYLIfKf2Z6aUYhhTmOcYnK8hFfnDQ2SXWALS-JSPZgadcghscadp1C79A9UfGGtMd3NMd-zYr-T-Bdjp_gSYBmLxUee13hIIsMjd9pJQRBmmlENHmjbwzz-wwwVEunp1zgNY22ldxam-apQvtoEdLoiLQW0lQd1OXyK6RvzhEB5iagdcg2cCGvo8E9mmXuqPq-ik9hUm-qX0KNl2X-rB7ehYUSORDbIuNaM4r0bMJ4X54MEoaofhnyvENRb_bQ3_HsCWczMT-fBS_29uONi4VmJoOwa7WxeUD3BBb3QXIaBDGFhj5g1FM8olX1mXm1bzKjmrCzynr47KPV9SPlrUCF5ysxcIhL7NcMFV1oyNyrLxrOnfPq5JRtjvLbIeO0lW9MUYl_8SOMKxhBZmf50y5f6HGzve1rBwqSJBXiskwPwDZl8C7b7ZmDStY4ZwLffXRlsCsnQwJzI1dWWxsKhs_-AMthn0vR-8XRm-QkqfcaJbrbCl0KKfZ8v5Ikk7f3FAtTbUfrE919SNJKb_jDhIquTikujCLbZVko9WZJJOeE1lXFy-AuHpNnHB4BfmPI_3R-1XFsrYf6muGdwS7qne8hfN1TeRKKzOuQC_pjqiscFefSUNNH_TmM4aL6j_L91WYQkUtfTq1gtJK_K9ZdggJ4nbQkcfK7jHypU_nzSzDNfC6YoZ5ypBHdpr79XwK4R9YlBVBDiic1uj2gCCO41lD3TtaapnzjGnBEHtVZDCQ2lSRfF3sg7sIeKlKya5sA0_CkBEUPhcoBEZd7V6nIicEEZRrfBDMsNTtOHrnKrpeaxyWG6RHPGC4Zqb-ZKmOaBu3NzUm5xFxXEwKrTfsDAc1vOJeQuOF2SIrd0CWAs-Fdgh0ZHGx_K4HrI0lhpvkcUr7cK7cVidA957vA3xW_GULoIWlTPGkGgq8U1fJATsLH8YF-0qKtuc-vA&sai=AMfl-YT3l_HJ0lcc_IOynk26cZHHsL5hUOgHPRLNVQ6EOx_G4kpbHL7itefmmWwodUyrHlpbwIFmSKJ9VAe6ZUtwAi5zrnpiSY_H-e6neMXjCyl8lEA1xb-f2blPLHvEsr2YOAb1YBpRRklpPWGO8RDmgVrd_U51wRMqLRy3sBNe-wPKze6D7MJNkXsqBriIYmhXqMo2VNiCsI9lBo9qRfgzS23GO_Xm6fUe_y2wvKmU_5vsVjzghFdHOmZgOFJ3nENAluwfTbxmTXNg7RQVg873UA&sig=Cg0ArKJSzHk-INoZtSIiEAE&uach_m=[UACH]&pr=8:CB0CB3C65C13E4CE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=246&cbvp=1&cisv=r20231026.09023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 31 Oct 2023 14:54:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
13418204214378222500
s0.2mdn.net/simgad/ Frame 17E7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13418204214378222500
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b585b5dfd5686ec81f8ce1e1b59feef59e251978b28fd3be530f019f7a91425f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:53:57 GMT
x-content-type-options
nosniff
age
597630
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11616
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 09:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Oct 2024 16:53:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ACA7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZky0L4yPd_kShCV6i8FRjtsjoDUVadHIDe5PTi507XLi_INyKWipg8mNuylnohQiNLJtHMnbIGTccnVGlUe8GTVzQcxfgY51IeaQD_XOGmkhp7VWrRf8qGZYQVE8apEitQMdgsFpmRNvMFSeNcenlLZD9vqt8u_tbaZed7Jqb3n7g1UsSq8qW5y4EZBfLva8Me0QtOF4XXy319HXfiwwdmMpgltRRF2tGOJ2DpqgwroI05S-PJgbIi2lK3QrRtg-NTMSaLtnTzl1Rubw674Taf17Az2hpkn5gA1njAVftXT7U8lFGyDzfRsHLw1_EridSiXMjLBgXJbaSCjPTKNyNxS0h4Av9Yk9saJw&sai=AMfl-YRnkyjR7HOETyubx3EDdBk8AJADejhrLYsYeSFf1ylk7MpTNpdW-XhvhaSuO8ns7s5WwAa8ywu-SQzlc1lvemUbkj9Lw0TwtTknfMW8vVlbpExFco1iEM28BA__4gs&sig=Cg0ArKJSzHBoZFXilarwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 14:54:27 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame F2F8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
347766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Oct 2023 14:18:21 GMT
expires
Sat, 26 Oct 2024 14:18:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17E7 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 17E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssclU1A7AgBaCuXD0TL6VsnS9s1NYcLPF4nR_4NT-2MnrBOrmbtA02rIB4DHmuwWUiOktmtTpSL6JVu6SmetIsILnjTh8l5VwlOCa9EsgLf9nDqznD5nVi2XFiqL6LHm-43MYrL6ZHmWeNkkXEyCq-DTOiKC15uRS6YZv5zaU9pqspdDodJk7dA8ekQJQ-5qiydjG-SAeG4imS4HgGP3ibCAzUMITH5rWcj2JbLcOkOwEiN4rbV_egMEU11irdqyM0fvnJpDTn17zoi0TkE1rPgtP6Sgh4PEE3VL_aE6Hb9UA_auWuLRvl6eZIQMTxabCxja1ZdGTnckafuJel_IQnIqtQ8le4esTplve2kGT-uOPH6SjqeEP3H4GYtkvKf3k_FasZUuf9ry-DpLSxqogA4e0JKvhJWABTaXCdUkP2b5sADMOrpJVW-TqRiY76qhpCAc6EVhENJYLIfKf2Z6aUYhhTmOcYnK8hFfnDQ2SXWALS-JSPZgadcghscadp1C79A9UfGGtMd3NMd-zYr-T-Bdjp_gSYBmLxUee13hIIsMjd9pJQRBmmlENHmjbwzz-wwwVEunp1zgNY22ldxam-apQvtoEdLoiLQW0lQd1OXyK6RvzhEB5iagdcg2cCGvo8E9mmXuqPq-ik9hUm-qX0KNl2X-rB7ehYUSORDbIuNaM4r0bMJ4X54MEoaofhnyvENRb_bQ3_HsCWczMT-fBS_29uONi4VmJoOwa7WxeUD3BBb3QXIaBDGFhj5g1FM8olX1mXm1bzKjmrCzynr47KPV9SPlrUCF5ysxcIhL7NcMFV1oyNyrLxrOnfPq5JRtjvLbIeO0lW9MUYl_8SOMKxhBZmf50y5f6HGzve1rBwqSJBXiskwPwDZl8C7b7ZmDStY4ZwLffXRlsCsnQwJzI1dWWxsKhs_-AMthn0vR-8XRm-QkqfcaJbrbCl0KKfZ8v5Ikk7f3FAtTbUfrE919SNJKb_jDhIquTikujCLbZVko9WZJJOeE1lXFy-AuHpNnHB4BfmPI_3R-1XFsrYf6muGdwS7qne8hfN1TeRKKzOuQC_pjqiscFefSUNNH_TmM4aL6j_L91WYQkUtfTq1gtJK_K9ZdggJ4nbQkcfK7jHypU_nzSzDNfC6YoZ5ypBHdpr79XwK4R9YlBVBDiic1uj2gCCO41lD3TtaapnzjGnBEHtVZDCQ2lSRfF3sg7sIeKlKya5sA0_CkBEUPhcoBEZd7V6nIicEEZRrfBDMsNTtOHrnKrpeaxyWG6RHPGC4Zqb-ZKmOaBu3NzUm5xFxXEwKrTfsDAc1vOJeQuOF2SIrd0CWAs-Fdgh0ZHGx_K4HrI0lhpvkcUr7cK7cVidA957vA3xW_GULoIWlTPGkGgq8U1fJATsLH8YF-0qKtuc-vA&sai=AMfl-YT3l_HJ0lcc_IOynk26cZHHsL5hUOgHPRLNVQ6EOx_G4kpbHL7itefmmWwodUyrHlpbwIFmSKJ9VAe6ZUtwAi5zrnpiSY_H-e6neMXjCyl8lEA1xb-f2blPLHvEsr2YOAb1YBpRRklpPWGO8RDmgVrd_U51wRMqLRy3sBNe-wPKze6D7MJNkXsqBriIYmhXqMo2VNiCsI9lBo9qRfgzS23GO_Xm6fUe_y2wvKmU_5vsVjzghFdHOmZgOFJ3nENAluwfTbxmTXNg7RQVg873UA&sig=Cg0ArKJSzHk-INoZtSIiEAE&uach_m=[UACH]&pr=8:CB0CB3C65C13E4CE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=339&vt=11&dtpt=93&dett=3&cstd=333&cisv=r20231026.09023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html
s0.2mdn.net/sadbundle/2424957407877660672/ Frame 9ADD 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16451b410da7e2e5795bc39384f40bb5da9c5049519689afeb4b936a4ec7f6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
32160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 05:58:27 GMT
expires
Wed, 30 Oct 2024 05:58:27 GMT
last-modified
Mon, 16 Oct 2023 09:15:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame F2F8 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 10:57:22 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 35DF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
bridge3.599.0_en.html
imasdk.googleapis.com/js/core/ Frame C25E 		753 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
306348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247375
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Oct 2023 01:48:39 GMT
expires
Sun, 27 Oct 2024 01:48:39 GMT
last-modified
Fri, 27 Oct 2023 06:13:31 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9DDE 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 31 Oct 2023 14:58:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/ 		140 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 31 Oct 2023 14:54:27 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Nov 2023 14:54:27 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 061C 		975 B
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1584
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGe4iQwNm0CfiveFGQJo2LUh5p0iDTT%2BLBHSmEGZ6BJkbNzOAaBgT5952jBk0Nf86B3cNRyRPXJNE3f%2Fo48tu49Nm2NaIL2LP%2FCrB1215SCjTsXOa%2BqQKvrQjljz4yItaylcxhdJrg%2FWuwkqSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
81ecbbbf48465b5c-FRA
ad_request
ads.aralego.com/ Frame 061C 		661 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.36694591214001737&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:28 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.holmesmind.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
d113ab74-8d0b-38ac-957a-7d347521fe17
X-Adtype
html
Connection
close
Content-Length
661
generate_204
tpc.googlesyndication.com/ Frame 3E74 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6OHPuQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698764067896&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1564&pt=64456775&tz=60&viewable=true&ddast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ccdbf5cfe041882c25b7d948da3608cf2f39d4d2a1c9d66eacf2e2029e427919

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1437
x-cache
MISS
x-served-by
cache-fra-eddf8230065-FRA
pragma
no-cache
server
nginx
x-timer
S1698764068.910844,VS0,VE35
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6D7C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_fy2021.js?bust=31079177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdbc49323e8cd37fc1c120e0a7b52b8575b4a05ffebc7b8309ef4b64cb6cb54b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12074
x-xss-protection
0
652cf45a843eb9eeda7667d0
c.bannerflow.net/a/ Frame 9ADD 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss1vGr2GKpXeleam55Ar3Enlv8Wos5aR2bFv6HfB2xuNgalPiNEBbRGSQtL-KSKRalYOTNrcxzN_Nt5yo3eSFPVQ8cPfeWYkwlLDXh1Mt9hM2VoTm0xnOpwhQrpyOIeJBcpxj-L9dx-hJpNymRYtsbx-G5mFBuURQVK1KJPVWf7GNVP0wtBHQsUfC9wHBU4gnEwwT-4ibWBfEu2sUTdakRt9vwjqRsZi8t-qSnUUBjI_DKryQkpTxOL4_xkCAyUFpW9LY-JlCuDOHwLheOAm8Wz0ZmfZzaXIsK0gmtPwv09PyX04UqD_BdE61GvF4X_81_TK442IfLke50ZcwDtTiHcnl0GyyVNsmQWc8QtNcbPGcCAMaSGXOVsL9bXHallnd5_sy3OQNI70Y9PSe5yLdcF-Z-vzEV_LnmrPPb8e7I1t8WPCZNoSXYXEwkhNBQ-B1tjwtb3lfsgSMvAnbE_Y0aZ9JjTpFt2LVxR1STzMBdkS3J1Bcod2MIVzWLFtuLEBo-PZmPCy3oqmTx_-xWCJi25l0je-p3Bal4jEmn9pBaEVcdFay3LEBT-B9fSHERui65JhTWfAuTQge8tnvGzPgXURrauujOHcWAt8x-c8remLd7YL8F16HwUE-taLgEpsJjULfd6T3E5to5zdJISnwJjrIys0Mgf9wjwfHFYExkw0BKtArendN3D_KNcx4oxl84UxpLwy9UDBZi3RdMXVfD92bPJ7KBgfAVn80Vzd6LZ8BCrBIeMsETo59JjBT1yMyM3n6QEfNqXZ4KpTEU4tXBtdAwZmmL0W0dyRs2JNXHb6L3tFqMZ-bLEPXTgrzb5Nb-pFwc6JwN4Bwk9NisXlOo_jjQgbGrdUk0TV7D-tRhUdEY_Xkh0ZY_WfV15QM51hJWGJh7m0VM44r58RdVsUq25uwu9up_7P0aPNXOfbHbjFGiNdOd9VD9BlBi6pITqWoU_pYGKf3edskB_7pnERxcQGq5hZrZpQlP_ezSGkW3lt2sdq4-9aVoSy5Fr5miEaRO6OkW7jxjVG2vivNb-Hbhqrwug1JW-xZqnoP4ODOKVjnG8WV-46_qhJOEUOPe7JQMbRLhnt_7qgZI_0n-pgA84UjV1hrZBUv-kkutteNwOBpRoF3cH8v0MD8Uo1ma8RNqydhC6f4H_1-wALwWjyN8hGzVsSzi7ZXFk2p7LfObZNX0DtcgLcMlAnTlm-0Y8UOcXLrKdbgdjy6r_T0bQ1bt3XD-cxtnrg1qjFyPHibHewvU9hVx2mlP_t9bBMWA4S_1aXS0UMtjhDrKTVYP1wwA8WceBMh3AVHrA_InyuEDnqrBeB44aMFnDr4aBjf7OgtFlAiDYVhNbbQlxYN6n4yeTKz85oExTWmomEcwjsqE8BIjWBqwJyQXFPS2WaimEBlvaF32JcshPeW3Fze1Ij7VbtVgEzkFKugbLphs%26sai%3DAMfl-YRWn-HwNczslmKAWjNCN2upFGOSYN94eBZhdy3lcInIqTaNuMWcpl_baJEaKm5w9Dl06edHN57o4l8inYtamGHxYrYaXc10L78tePJtkMHOFLb6rcq_-5cX1p9U09SjSqzO2tFc-sb6cHiIWLNtIQXwjRhkQzWJ0qOxtuzV7cSYVM77Eiw_TQqdGx_fzvrqO4g4KMXfrDALfUROfiZwDWmpDt0831zIdpjzZ2BwXgvg2qUZ6zMhaFfEY6MWj_kJ0-bDwT74cApvlFm7uIhx7ezxx04hNjcl%26sig%3DCg0ArKJSzL8_MIWlG8A6EAE%26pr%3D8%3ACB0CB3C65C13E4CE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285299_525664089
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e690b007a72c30a72e0eb7618678874d0b3fce48c83af10e6f974d4e9e6a0754

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 31 Oct 2023 14:54:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
81ecbbc15a2a9043-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310230101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d7d664bdd0d9e9c6dccf6ca99899d0e3e4cd1fea23ec834bc6ef5577c98bdb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12367
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A1D7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:28 GMT
server
Kestrel
server-processing-duration-in-ticks
968247
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/live/ Frame C25E 		125 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2706349030180104&sdkv=h.3.599.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.599.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5yo4VCLdu0EGWaOQA4HJ_Q%3A1698767664%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=D543492C-1AAE-4C4A-AD49-853A6D82E388&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C44802463&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=1698764068008&cookie=ID%3Db9006376001d9785%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ&gpic=UID%3D00000caf8311e983%3AT%3D1698764064%3ART%3D1698764064%3AS%3DALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A&scor=131094054279811&ged=ve4_td5_tt2_pd5_la5000_er742.400.743.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
2b7e24f8e24d7e050c4c2cc70e84d1c0348f3df7a1262f080e3488c5800d154a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24244
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6D7C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_fy2021.js?bust=31079177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 14:54:28 GMT
sid
mug.criteo.com/ Frame A1D7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=N7hEBnx0bDNiYWR0WC9pdlJRVHpwR09KUjJsaWlDdVNpaVlhSzdoT3NSVlh2aFNVTnAxa0VZejl6aGd2QjdBMVp5eWUrb0YwZGxFeE1pcDZpZGdHdmd4dVRHcm1NZTdLZ3VaRjdNREVPMlh6TTEvWGdJcHo3eFNYbW8wNU...
438 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=N7hEBnx0bDNiYWR0WC9pdlJRVHpwR09KUjJsaWlDdVNpaVlhSzdoT3NSVlh2aFNVTnAxa0VZejl6aGd2QjdBMVp5eWUrb0YwZGxFeE1pcDZpZGdHdmd4dVRHcm1NZTdLZ3VaRjdNREVPMlh6TTEvWGdJcHo3eFNYbW8wNUsvSnJSc2IrTUJWVzF1Y0N6NGNHcWxzVk9RSlRyazYyNEI4cUdVZnExeWxRdFUxalpuMUNjU3kxMzhmdmg1U1VBZmwzYUhBTmdGakpBbUdnVllxd2h2WU93N3VTb0RIV0ZQZXNuVTdJRUZMNVFwVkhXYXJXY014NHdUdHJ4VncvbDY1OXV2Wkhia2orNG9penZUalA4dUVOWlBZcnRSZz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e4b719f1a67c14180f1c37221dc5487bef4a6bcc7d6838f69dedb1c99f0a905f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
718524
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=N7hEBnx0bDNiYWR0WC9pdlJRVHpwR09KUjJsaWlDdVNpaVlhSzdoT3NSVlh2aFNVTnAxa0VZejl6aGd2QjdBMVp5eWUrb0YwZGxFeE1pcDZpZGdHdmd4dVRHcm1NZTdLZ3VaRjdNREVPMlh6TTEvWGdJcHo3eFNYbW8wNUsvSnJSc2IrTUJWVzF1Y0N6NGNHcWxzVk9RSlRyazYyNEI4cUdVZnExeWxRdFUxalpuMUNjU3kxMzhmdmg1U1VBZmwzYUhBTmdGakpBbUdnVllxd2h2WU93N3VTb0RIV0ZQZXNuVTdJRUZMNVFwVkhXYXJXY014NHdUdHJ4VncvbDY1OXV2Wkhia2orNG9penZUalA4dUVOWlBZcnRSZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
246743
content-length
0
expires
0
480_650.mp4
cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/ 		88 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/5yo4VCLdu0EGWaOQA4HJ_Q:1698767664/1327/video/1813/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.7 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-7.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=163840-

Response headers

Date
Tue, 31 Oct 2023 14:54:28 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 163840-17211103/17211104
Connection
keep-alive
Content-Length
17047264
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 14:54:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B298 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
14191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 10:57:57 GMT
expires
Wed, 30 Oct 2024 10:57:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2311 		829 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cdabd3d1aead86fd01ac4eae13ea72552b3e8870bcd4ed2f0e8d34d160a7a549
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1fcODX239D4Pj9ZF0FICWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1fcODX239D4Pj9ZF0FICWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:28 GMT
expires
Tue, 31 Oct 2023 14:54:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
widget.73803a8d9d4f3ba312b4.js
c.bannerflow.net/scripts/ Frame 9ADD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss1vGr2GKpXeleam55Ar3Enlv8Wos5aR2bFv6HfB2xuNgalPiNEBbRGSQtL-KSKRalYOTNrcxzN_Nt5yo3eSFPVQ8cPfeWYkwlLDXh1Mt9hM2VoTm0xnOpwhQrpyOIeJBcpxj-L9dx-hJpNymRYtsbx-G5mFBuURQVK1KJPVWf7GNVP0wtBHQsUfC9wHBU4gnEwwT-4ibWBfEu2sUTdakRt9vwjqRsZi8t-qSnUUBjI_DKryQkpTxOL4_xkCAyUFpW9LY-JlCuDOHwLheOAm8Wz0ZmfZzaXIsK0gmtPwv09PyX04UqD_BdE61GvF4X_81_TK442IfLke50ZcwDtTiHcnl0GyyVNsmQWc8QtNcbPGcCAMaSGXOVsL9bXHallnd5_sy3OQNI70Y9PSe5yLdcF-Z-vzEV_LnmrPPb8e7I1t8WPCZNoSXYXEwkhNBQ-B1tjwtb3lfsgSMvAnbE_Y0aZ9JjTpFt2LVxR1STzMBdkS3J1Bcod2MIVzWLFtuLEBo-PZmPCy3oqmTx_-xWCJi25l0je-p3Bal4jEmn9pBaEVcdFay3LEBT-B9fSHERui65JhTWfAuTQge8tnvGzPgXURrauujOHcWAt8x-c8remLd7YL8F16HwUE-taLgEpsJjULfd6T3E5to5zdJISnwJjrIys0Mgf9wjwfHFYExkw0BKtArendN3D_KNcx4oxl84UxpLwy9UDBZi3RdMXVfD92bPJ7KBgfAVn80Vzd6LZ8BCrBIeMsETo59JjBT1yMyM3n6QEfNqXZ4KpTEU4tXBtdAwZmmL0W0dyRs2JNXHb6L3tFqMZ-bLEPXTgrzb5Nb-pFwc6JwN4Bwk9NisXlOo_jjQgbGrdUk0TV7D-tRhUdEY_Xkh0ZY_WfV15QM51hJWGJh7m0VM44r58RdVsUq25uwu9up_7P0aPNXOfbHbjFGiNdOd9VD9BlBi6pITqWoU_pYGKf3edskB_7pnERxcQGq5hZrZpQlP_ezSGkW3lt2sdq4-9aVoSy5Fr5miEaRO6OkW7jxjVG2vivNb-Hbhqrwug1JW-xZqnoP4ODOKVjnG8WV-46_qhJOEUOPe7JQMbRLhnt_7qgZI_0n-pgA84UjV1hrZBUv-kkutteNwOBpRoF3cH8v0MD8Uo1ma8RNqydhC6f4H_1-wALwWjyN8hGzVsSzi7ZXFk2p7LfObZNX0DtcgLcMlAnTlm-0Y8UOcXLrKdbgdjy6r_T0bQ1bt3XD-cxtnrg1qjFyPHibHewvU9hVx2mlP_t9bBMWA4S_1aXS0UMtjhDrKTVYP1wwA8WceBMh3AVHrA_InyuEDnqrBeB44aMFnDr4aBjf7OgtFlAiDYVhNbbQlxYN6n4yeTKz85oExTWmomEcwjsqE8BIjWBqwJyQXFPS2WaimEBlvaF32JcshPeW3Fze1Ij7VbtVgEzkFKugbLphs%26sai%3DAMfl-YRWn-HwNczslmKAWjNCN2upFGOSYN94eBZhdy3lcInIqTaNuMWcpl_baJEaKm5w9Dl06edHN57o4l8inYtamGHxYrYaXc10L78tePJtkMHOFLb6rcq_-5cX1p9U09SjSqzO2tFc-sb6cHiIWLNtIQXwjRhkQzWJ0qOxtuzV7cSYVM77Eiw_TQqdGx_fzvrqO4g4KMXfrDALfUROfiZwDWmpDt0831zIdpjzZ2BwXgvg2qUZ6zMhaFfEY6MWj_kJ0-bDwT74cApvlFm7uIhx7ezxx04hNjcl%26sig%3DCg0ArKJSzL8_MIWlG8A6EAE%26pr%3D8%3ACB0CB3C65C13E4CE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285299_525664089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
kV2TaSme3zjoMC7eKEPqvg==
age
18079056
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Apr 2023 08:06:09 GMT
server
cloudflare
etag
W/"0x8DB35AC9D3707B1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4ce488c6-401e-0097-1c9c-67bb2b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
81ecbbc1daa69043-FRA
document.000000113A6B2E.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195010/5405215/ Frame 9ADD 		59 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195010/5405215/document.000000113A6B2E.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss1vGr2GKpXeleam55Ar3Enlv8Wos5aR2bFv6HfB2xuNgalPiNEBbRGSQtL-KSKRalYOTNrcxzN_Nt5yo3eSFPVQ8cPfeWYkwlLDXh1Mt9hM2VoTm0xnOpwhQrpyOIeJBcpxj-L9dx-hJpNymRYtsbx-G5mFBuURQVK1KJPVWf7GNVP0wtBHQsUfC9wHBU4gnEwwT-4ibWBfEu2sUTdakRt9vwjqRsZi8t-qSnUUBjI_DKryQkpTxOL4_xkCAyUFpW9LY-JlCuDOHwLheOAm8Wz0ZmfZzaXIsK0gmtPwv09PyX04UqD_BdE61GvF4X_81_TK442IfLke50ZcwDtTiHcnl0GyyVNsmQWc8QtNcbPGcCAMaSGXOVsL9bXHallnd5_sy3OQNI70Y9PSe5yLdcF-Z-vzEV_LnmrPPb8e7I1t8WPCZNoSXYXEwkhNBQ-B1tjwtb3lfsgSMvAnbE_Y0aZ9JjTpFt2LVxR1STzMBdkS3J1Bcod2MIVzWLFtuLEBo-PZmPCy3oqmTx_-xWCJi25l0je-p3Bal4jEmn9pBaEVcdFay3LEBT-B9fSHERui65JhTWfAuTQge8tnvGzPgXURrauujOHcWAt8x-c8remLd7YL8F16HwUE-taLgEpsJjULfd6T3E5to5zdJISnwJjrIys0Mgf9wjwfHFYExkw0BKtArendN3D_KNcx4oxl84UxpLwy9UDBZi3RdMXVfD92bPJ7KBgfAVn80Vzd6LZ8BCrBIeMsETo59JjBT1yMyM3n6QEfNqXZ4KpTEU4tXBtdAwZmmL0W0dyRs2JNXHb6L3tFqMZ-bLEPXTgrzb5Nb-pFwc6JwN4Bwk9NisXlOo_jjQgbGrdUk0TV7D-tRhUdEY_Xkh0ZY_WfV15QM51hJWGJh7m0VM44r58RdVsUq25uwu9up_7P0aPNXOfbHbjFGiNdOd9VD9BlBi6pITqWoU_pYGKf3edskB_7pnERxcQGq5hZrZpQlP_ezSGkW3lt2sdq4-9aVoSy5Fr5miEaRO6OkW7jxjVG2vivNb-Hbhqrwug1JW-xZqnoP4ODOKVjnG8WV-46_qhJOEUOPe7JQMbRLhnt_7qgZI_0n-pgA84UjV1hrZBUv-kkutteNwOBpRoF3cH8v0MD8Uo1ma8RNqydhC6f4H_1-wALwWjyN8hGzVsSzi7ZXFk2p7LfObZNX0DtcgLcMlAnTlm-0Y8UOcXLrKdbgdjy6r_T0bQ1bt3XD-cxtnrg1qjFyPHibHewvU9hVx2mlP_t9bBMWA4S_1aXS0UMtjhDrKTVYP1wwA8WceBMh3AVHrA_InyuEDnqrBeB44aMFnDr4aBjf7OgtFlAiDYVhNbbQlxYN6n4yeTKz85oExTWmomEcwjsqE8BIjWBqwJyQXFPS2WaimEBlvaF32JcshPeW3Fze1Ij7VbtVgEzkFKugbLphs%26sai%3DAMfl-YRWn-HwNczslmKAWjNCN2upFGOSYN94eBZhdy3lcInIqTaNuMWcpl_baJEaKm5w9Dl06edHN57o4l8inYtamGHxYrYaXc10L78tePJtkMHOFLb6rcq_-5cX1p9U09SjSqzO2tFc-sb6cHiIWLNtIQXwjRhkQzWJ0qOxtuzV7cSYVM77Eiw_TQqdGx_fzvrqO4g4KMXfrDALfUROfiZwDWmpDt0831zIdpjzZ2BwXgvg2qUZ6zMhaFfEY6MWj_kJ0-bDwT74cApvlFm7uIhx7ezxx04hNjcl%26sig%3DCg0ArKJSzL8_MIWlG8A6EAE%26pr%3D8%3ACB0CB3C65C13E4CE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285299_525664089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954b3fda838a7666e6e9df9d3f856f317e0ac130bf5e8778b12ba575fdebf729

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
fj9TKMb8k2zUCJKOQvRd2Q==
age
21270
cf-polished
origSize=64303
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 17 Apr 2023 10:52:51 GMT
server
cloudflare
etag
W/"0x8DB3F31E413B058"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dd14a88b-f01e-0049-06d8-0bafcd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
81ecbbc1daaa9043-FRA
animated-creative.a3eb65849827099c4ed2.js
c.bannerflow.net/scripts/ Frame 9ADD 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss1vGr2GKpXeleam55Ar3Enlv8Wos5aR2bFv6HfB2xuNgalPiNEBbRGSQtL-KSKRalYOTNrcxzN_Nt5yo3eSFPVQ8cPfeWYkwlLDXh1Mt9hM2VoTm0xnOpwhQrpyOIeJBcpxj-L9dx-hJpNymRYtsbx-G5mFBuURQVK1KJPVWf7GNVP0wtBHQsUfC9wHBU4gnEwwT-4ibWBfEu2sUTdakRt9vwjqRsZi8t-qSnUUBjI_DKryQkpTxOL4_xkCAyUFpW9LY-JlCuDOHwLheOAm8Wz0ZmfZzaXIsK0gmtPwv09PyX04UqD_BdE61GvF4X_81_TK442IfLke50ZcwDtTiHcnl0GyyVNsmQWc8QtNcbPGcCAMaSGXOVsL9bXHallnd5_sy3OQNI70Y9PSe5yLdcF-Z-vzEV_LnmrPPb8e7I1t8WPCZNoSXYXEwkhNBQ-B1tjwtb3lfsgSMvAnbE_Y0aZ9JjTpFt2LVxR1STzMBdkS3J1Bcod2MIVzWLFtuLEBo-PZmPCy3oqmTx_-xWCJi25l0je-p3Bal4jEmn9pBaEVcdFay3LEBT-B9fSHERui65JhTWfAuTQge8tnvGzPgXURrauujOHcWAt8x-c8remLd7YL8F16HwUE-taLgEpsJjULfd6T3E5to5zdJISnwJjrIys0Mgf9wjwfHFYExkw0BKtArendN3D_KNcx4oxl84UxpLwy9UDBZi3RdMXVfD92bPJ7KBgfAVn80Vzd6LZ8BCrBIeMsETo59JjBT1yMyM3n6QEfNqXZ4KpTEU4tXBtdAwZmmL0W0dyRs2JNXHb6L3tFqMZ-bLEPXTgrzb5Nb-pFwc6JwN4Bwk9NisXlOo_jjQgbGrdUk0TV7D-tRhUdEY_Xkh0ZY_WfV15QM51hJWGJh7m0VM44r58RdVsUq25uwu9up_7P0aPNXOfbHbjFGiNdOd9VD9BlBi6pITqWoU_pYGKf3edskB_7pnERxcQGq5hZrZpQlP_ezSGkW3lt2sdq4-9aVoSy5Fr5miEaRO6OkW7jxjVG2vivNb-Hbhqrwug1JW-xZqnoP4ODOKVjnG8WV-46_qhJOEUOPe7JQMbRLhnt_7qgZI_0n-pgA84UjV1hrZBUv-kkutteNwOBpRoF3cH8v0MD8Uo1ma8RNqydhC6f4H_1-wALwWjyN8hGzVsSzi7ZXFk2p7LfObZNX0DtcgLcMlAnTlm-0Y8UOcXLrKdbgdjy6r_T0bQ1bt3XD-cxtnrg1qjFyPHibHewvU9hVx2mlP_t9bBMWA4S_1aXS0UMtjhDrKTVYP1wwA8WceBMh3AVHrA_InyuEDnqrBeB44aMFnDr4aBjf7OgtFlAiDYVhNbbQlxYN6n4yeTKz85oExTWmomEcwjsqE8BIjWBqwJyQXFPS2WaimEBlvaF32JcshPeW3Fze1Ij7VbtVgEzkFKugbLphs%26sai%3DAMfl-YRWn-HwNczslmKAWjNCN2upFGOSYN94eBZhdy3lcInIqTaNuMWcpl_baJEaKm5w9Dl06edHN57o4l8inYtamGHxYrYaXc10L78tePJtkMHOFLb6rcq_-5cX1p9U09SjSqzO2tFc-sb6cHiIWLNtIQXwjRhkQzWJ0qOxtuzV7cSYVM77Eiw_TQqdGx_fzvrqO4g4KMXfrDALfUROfiZwDWmpDt0831zIdpjzZ2BwXgvg2qUZ6zMhaFfEY6MWj_kJ0-bDwT74cApvlFm7uIhx7ezxx04hNjcl%26sig%3DCg0ArKJSzL8_MIWlG8A6EAE%26pr%3D8%3ACB0CB3C65C13E4CE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285299_525664089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9145a1b5941a698cff3ad558184cd813710a61ea765201ee9465fd2cd8cae663

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Js5dw7R7Itopo9K+HMhbDQ==
age
15795864
cf-polished
origSize=159709
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 09:04:44 GMT
server
cloudflare
etag
W/"0x8DB3BFE201FAE72"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
66fb7da0-c01e-000f-1860-7c9b4a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
81ecbbc1eaab9043-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame F2F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDswKIhVBZcWzL5WRjuwP0b-XyAwAAAAAOAHgBAI&bg=!OjmlOXbNAAbo5yKYyOc7ADQBe5WfOLVyVh1giWmKRbQzud0EN2VZnkueapJxMWWQnHtHsHVGiTWGowKUrpPGaICe0uvpAgAAAPxSAAAAA2gBB5kC1KMc-GU-k5vvGINk4DjunSGxMAz-_hNDgHtc4xzAtweBlpKgKL6FVxbcQEpN45YxriVxyCd7TOopJ10TtzkeI_tjTAMbgZvzJriUNcQgBMQuHBhS4HMWAgXYh1kkI13tbeO87_zuKwij0W69KW5L80RlfEszWmxyRpKNQ1BvmF_IGPIgZsgY847qxxqTR8nGFlCNn3B0GYsntjQjRpxW49I6CpejxoebUgunInxU6DUbdjmPu19LnOopy8739UFQ8FMjjtOa0IQxj5LZM-k1We30F54eZPlZUCGUlugBL3LAd4iZTWxl8xVte7uM8TUPbtkZDLWmF5PeBfK7GEHAgkLEj_eyiu7GezF1xr7ZtYH_PYNRiN8MknXN8f8hppBwZ-KOyt7-tS2sj-D_PvPUd2nG8nYXV05Yr-W8duNq5L4C8Oo1PHXE81VFcuOQgq9hiE1KCyf6Vb_AJkUzdSyUprqGzHLVtOfBSU2aJ4_TE6aG993tXbIn8furCFo469AlSJaBGEo4O_Upz1pRZU7_B8xB6xF-x8YYWlD23d727_Mdil7mgP5HZCr0fJQnLY15BQTJUT7XN-ZTlWXDtCK3pJcCCfsnvPeRCT9poJi8T2SdsLC2fVqGW5vEUIgAblozKMEc6Kyhu_VuHHigwkboPDaO1EPHKTFvOjlstVHBlXYMPbNzRiU2hhJ0qmQ25Qd9BsOlMzO4ounsqtQq9RLeGSAAP4jkS9iG3RYNFGkH1h9soFF6FtQaTX2_iacAjHe1ErOGzFN1czrUlUJYH0nZIUcqHbXKIgVvxEnvpcbf3dilgIcp8CO_0CJvNlNG_GFWTFnMKjDW4e4Eh300LoiCXRctGeIzb5P5X19CwPGBs7-4WPHy8m2XSrhdkvpGH6rFYNymdIeSGx4sM9OoZd287P6mitKW_UnWfXlCm7QjNEiHtqJH3ZopkLh7HVH5SDDZCa6IXUc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B3B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
14191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 10:57:57 GMT
expires
Wed, 30 Oct 2024 10:57:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 25CC 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
91350f2450625bc2f97cd9e3f9bf41e6670b7f88b05f7e38c21c25f9c4e4dcee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dc4FKWhb1xqO9w1EroDtYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dc4FKWhb1xqO9w1EroDtYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:28 GMT
expires
Tue, 31 Oct 2023 14:54:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2311 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=1818925047080155&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame B298 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 10:57:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 17E7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk0Cl3WcqH_rEzQcJKKMV33iIiqFGKy4P0U53ku0mAHc2YliR4Tn-RUQfuoPejLee-ArWjnjNHYhcbEz5bMkHezTKBdiLQ58HukaOPB74erCG50Lmbxm2rCOivHNrN&sig=Cg0ArKJSzOSux1t_uf6kEAE&id=lidar2&mcvt=1019&p=60,236,150,964&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698764066482&rpt=721&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 25CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310230101&jk=3035925322168159&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DB97 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
effa793c576058fea09ab3ed24b66f51608539794804942af8652908b8526759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30742
x-xss-protection
0
server
cafe
etag
263 / 19661 / 31079291 / config-hash: 14732226932962608853
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:28 GMT
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 6B3B 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 10:57:22 GMT
generate_204
tpc.googlesyndication.com/ Frame B298 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vLuiFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame C25E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~loeg9jor&c=3439827716239&slotId=1719913858119.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=0&ytext_hd=1&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 9ADD 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
2d7de2f6-431a-4c83-9653-5e82085482e6
https://s0.2mdn.net/ Frame 0346 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/2d7de2f6-431a-4c83-9653-5e82085482e6
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame C25E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~loeg9k53&c=3439827716239&slotId=1719913858119.5&qqid=CPDg16bFoIIDFfxLHQkd6-MGVQ&gqid=JBVBZaLFA8O2bMagjuAF&fb=ima_html5-lima&sdkv=h.3.599.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ghmsh_eids=44752657%2C44772139%2C44777649%2C44781409%2C44802463&met.4=ghmsh_s.loeg9k58~ghmsh_s.loeg9k5a&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=cLskeZJEBZZoVM3P
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C25E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.599.0&e=44752657%2C44772139%2C44777649%2C44781409%2C44802463&id=ima_html5&c=493570768877889&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C25E 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-1290995901905588
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:15:46 GMT
x-content-type-options
nosniff
age
2322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 15:05:46 GMT
NgWzJI1veXayI3g7AHwoGfytYC_okEnYED_J6v8SKICoSEHTnI22Ox2rtiZK9CNUSgQ2zfR7IMM=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C25E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/NgWzJI1veXayI3g7AHwoGfytYC_okEnYED_J6v8SKICoSEHTnI22Ox2rtiZK9CNUSgQ2zfR7IMM=s48-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e798cfbe560a371c76254f3f81d53af136450768d2971b5849c49a0134b919d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1390
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 01 Nov 2023 14:54:28 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame C25E 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CQhjoJBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBO0DT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7p1rp4gIcZBJjrfcyNGv30cAyhQjV3q5_1ORk-YpCPwT0QbJ3GPa-BOp6F0JysNLjtOQex5SKHsve6DK2nDZcAE-qLyqcsE4AQBiAWV1LqxOaAGVIAHrcqVqQKoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOrEJeDlwHAd40I2ACgOYCwHICwHQCw-iDAwqCgoI5LSxAu61sQKaDQEPqg0CQ0jIDQHiDRMInOrWpsWgggMV_EsdCR3r4wZV2BMC0BUBmBYB-BYBgBcB&sigh=75Ut3XE6Cy4&label=show_ad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame C25E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=Cq566JBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBOoDT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7otrww9EszWL6gxn_w0RqJnuZUkN-C-B2Igpvj2gyk1Rm8DwuwqH1rRNo9aP8fW6Um3vHJXZLkpfWnty8AE-qLyqcsE4AQBiAWV1LqxOZIFEAgSEAUYDzCIqo_P0abakx6gBlSAB63KlakCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC12wOoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJMGh0dHBzOi8veW91dHUuYmUvSGlkcE5SbmoxUWc_c2k9UTBLRncybi1CVFVEeXRUVYAKA8gLAaIMDCoKCgjktLEC7rWxAtoMEQoLENDc2eDG25n2_wESAgED4g0TCJzq1qbFoIIDFfxLHQkd6-MGVcITBhi7terWAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi01ODU1MTQ5OTk4OTAzOTc2GLuJdg&sigh=fD7PCwU8QRI&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSPADICaaNT8frnTnqTVf18c9bA9bYjO7r3PsnaNGT8ZxHKPOshRs1qN57IkRp72sCp1U6VPb7HJNXQkIslRgB&vt=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
font
c.bannerflow.net/fs/api/v2/ Frame 9ADD 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%21%25.089ACDEFHIMSVZabcdefghiklmnorstuwxz%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ce935f11b9666dfbce05e803455602d2e671f93f151ca85bc12c73047e9a8c

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Oct 2023 04:14:56 GMT
server
cloudflare
age
1075172
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
81ecbbc4bc7d1c07-FRA
expires
Fri, 18 Oct 2024 04:14:56 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~loeg9ism&c=3439827716239&slotId=1719913858119.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ACA7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgobeXDNeZC5saVKza5sioB7dkZG7QKchwt720wRJov5dheJF7PwbLNYM8RRtaUF_fixN6SzUg16sIjQWg2vCBScOqFQMJEMPCN5pGdmBIaiHnXxSW843eA158077Y&sig=Cg0ArKJSzJR_1sPrNft8EAE&id=lidar2&mcvt=1085&p=1110,315,1207,1285&mtos=0,1085,1085,1085,1085&tos=0,1085,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=7&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698764066650&rpt=774&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/ Frame DB97 		424 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 11:36:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
11867
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136180
x-xss-protection
0
server
cafe
etag
6663949485869648659
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 30 Oct 2024 11:36:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17E7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8863667725159&version=m202309260101&ct=76&x=8&cor=17682563001064296000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-1gieen7e.googlevideo.com/ 		6 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-1gieen7e.googlevideo.com/videoplayback?expire=1698792868&ei=JBVBZeWXD7Gop-oPou6loA4&ip=2001:ac8:28:5e:2f6::1&id=1e27693519e3d508&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=Kb&mm=31&mn=sn-1gieen7e&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=954.827&lmt=1697398993975646&mt=1698763517&cpn=cLskeZJEBZZoVM3P&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AGM4YrMwRgIhAPz1UICNuBm3A4XujRXS3hdQdS-wL1RzdY0NulwhduTrAiEAzsOTa3PUP6MlqebbE6XBHvlIebrWrxmmWC4-EpirfEw=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIgc_k9wx6S_PP_SYrWOCt1ma-vUXkmI9roA0ih2sL1LBACIQDwb1usrDU68z8UPPGWnqjP2jtDnxpJEiutfyvRt4KyUA==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:8::6 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 31 Oct 2023 14:54:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Oct 2023 19:43:13 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-182878678/182878679
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
182878679
Expires
Tue, 31 Oct 2023 14:54:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6DB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310240101&jk=1669287961926291&bg=!cHOlczzNAAbo5yKYyOc7ADQBe5WfOFjiWxIxM4fXGcI0JvwWrRcdLPhHnOaOkDYUTLHH_TURW9Cq-faJN4JeiNnbg63xAgAAAwFSAAAABWgBB5kCyCBQLY48QMbeBL9mkEZPjGJOUqmC1MRaBdTqgil65ShYJLCKiVFFRki2lnC2wSTrzUYKbceM9vbZ-yUABz696BU31W7EcyGrSM1jMGiZhPEBT-hA-cSZzliOKfmZoDBaddtQ1Zq-sMULWk5kFswwtCGGxsQVbSME154R6csH56TXjmdowqsGX58rKQ2Y2259sQL-IwkLyFyng0kbYGDg0YzzTB3KcCD6obw2mRlpR4vf6XWZ6UPzlOvUUTj5OX9Ylkx-x5_I7vt6ukmB4yaAD_nzi4-UW_gbxV-Hv-NAPwSLHhdqV-ingfpS_bdVvo7RMpxca84c-P6K3oMjBDdL-TE86GNt2HO_nOKL-ArXnUwbRYRTc0kLQKhBn2Kw49voewqWAwJaiKQEHjztLGCgSv0AtUt-srvavAvCLAF30LzXvBlKEAKpHK6D24VotSO2rvlV7XLs-9frgMNsYeRl9hcKU2msVhW-QGl4q5OAjmsrRmZ9pVMc_pD0B9YT-M7E_07xMTusikkxRb1vyyjJOdsei_Y8V4eB18MiOXNx9kaTMl_xKZpxVPJsHpqPzUT7X3R65IDiW4c1GkP7b9yqapXn_IjFl45ZpONpNu9Wr1gxcjsVHXpbw7SgnKKsbKNkwOzTsbj4pJtVpVdwHxD9Hv9_p1KORJbwYJe860dmwrckS4VTrxpwaQrV_90AkmC0COIxIns8Rsok3WInICUpMSXCIpcxDkRcMfh87jkFml1uQJ34qr_StWeM9z_LueSJgXXpN4gFXBA67Y7TTsBJFBflhHjL_GsGaCAdFfxwvwILJOKBNrVn9XbWy7aDtvVfQs3OKU504ZIZvnsgZO8Vu2S78l1F6Dy6kHBEw4dBFEMEjwHcgcyvpo-zPNZZ2-LffJaIPytpG0dqCJTEIww4w0uYOZSkzZ0I8jDpWkra_YYTvuhwh-EILAM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 36B2 		217 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
5788
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
45342fac-201e-0075-38ea-24860a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
81ecbbc53d9f9043-FRA
064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 36B2 		272 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C50rliIMDPE8SiFZGvsxQQ==
age
1020
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:52:58 GMT
server
cloudflare
etag
W/"0x8DADDE2E4532F74"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c47f7a08-901e-003d-3eaf-049b3d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
81ecbbc54dab9043-FRA
d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 36B2 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o8BlfxpL6pDvDJmSY4p8ew==
age
5759
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 10:56:08 GMT
server
cloudflare
etag
W/"0x8DAA6C03538AA86"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ef601683-a01e-0054-7690-0ba271000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
81ecbbc54daf9043-FRA
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 36B2 		151 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
5302
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5f5113e4-501e-0050-0cb9-fe2f76000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
81ecbbc54db59043-FRA
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame 1C17 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:407e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
286
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74f6373f-101e-006f-4c73-6918f1000000
x-ms-version
2014-02-14
cf-ray
81ecbbc689cc18df-FRA
generate_204
tpc.googlesyndication.com/ Frame 6B3B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ZMvwWw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
activeview
pagead2.googlesyndication.com/pcs/ Frame 17E7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn7pzGGMxli7Xlo7FfEKLAzJEIMrOkKYU7Zp-5cqk7B6RShqUaAB1HqO_8c_gld0s9_9uLW8SKz1oZaiOmIfR95J3l7RrBxjHvUDkrgGWaWxXc9Cqu-Y_A1Cnt&sig=Cg0ArKJSzJKMRynLuFxuEAE&id=lidar2&mcvt=1033&p=0,0,90,728&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20231030&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698764066482&rpt=1224&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame DB97 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2609265270235839&correlator=4003566700192951&eid=31079301%2C31079291&output=ldjh&gdfp_req=1&vrg=202310300101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1698764068757&lmt=1698760468&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=gz9sbwc8xf5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qP5cT44wSgi_5-rwFR7yuPMC9PW1r9pdZLbW6BaE-RPuX8FiSSWXvLx-OtPJZjDvbNjxDmHUNKRE09qgGmUf8Ll8psB2OhNbEyJg2Lit33Ukws6zk5UgJnsi3b7IiaB4uMKbWT05K4xtnofMZjPMDRSKsVgg78J39Pr443APgsTIu0gOG8yHHERIckXGeYZV3hA-pbXv94&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=647651812.1698764069&ga_sid=1698764069&ga_hid=374390882&ga_fc=false&dlt=1698764067721&idt=981&adks=1911528252&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46bada42c52a43d863522d51939052e4aeebf83dd89011785b5738b3534aa706
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12176
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DB97 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7392d9a331bcae6600820deede9b2762a9c4b1938cf8098f70658cf6a1dd388b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12305
x-xss-protection
0
container.html
4eef6f00ceaed3acf2e359b9bcdfe3a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9282 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4eef6f00ceaed3acf2e359b9bcdfe3a9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:28 GMT
expires
Wed, 30 Oct 2024 14:54:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 31 Oct 2023 14:54:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205485
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
247193
expires
0
rid
match.adsrvr.org/track/ 		63 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
aeef1e373026da00565ca401cc7f9689fa90b6327cf97910d056ce9521451caf

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 30 Nov 2023 14:54:28 GMT
isyn
prebid.a-mo.net/ Frame C540 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 31 Oct 2023 14:54:28 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 3935 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Oct 2023 14:54:28 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 5CDC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
25836
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 31 Oct 2023 07:43:53 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-id
6tt8s_3_1sBzmtac-Zp5kCQQf_ZzzLuhsZAi_tGw7CAMywh91ChPnA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pd
adpushup-d.openx.net/w/1.0/ Frame 10B3
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0541f15849954a50d8cef68ee82bf556c7746c867cf18350237b438557b18a3e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
412
content-type
text/html
date
Tue, 31 Oct 2023 14:54:30 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 31 Oct 2023 14:54:30 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
/
onetag-sys.com/usync/ Frame D7B0 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1698764064962
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 0F9C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ecbbc68bb89bb2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:28 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1998 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
17893
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 31 Oct 2023 14:54:28 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1928, 153796
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230087-FRA
X-Timer
S1698764069.962769,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 0B2C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
943
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81ecbbc70eda65a4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:28 GMT
expires
Tue, 31 Oct 2023 18:54:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame F57C 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 31 Oct 2023 14:54:28 GMT
checksync.php
contextual.media.net/ Frame 1027 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
104fcc2fd6e3915827dd461fe6e067382a7603215b7dad6db6a7ad41028d76f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8514
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:28 GMT
expires
Thu, 02 Nov 2023 14:54:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DB97 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 14:54:28 GMT
usync.js
eus.rubiconproject.com/ Frame 3935 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9707d6e62a22e990a7f0c39c793fba66c4cb0f017f51103851dab68ea94b7d2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 06:39:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56735
Connection
keep-alive
Content-Length
11053
Expires
Wed, 01 Nov 2023 06:40:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=1818925047080155&bg=!oqGloe7NAAbo5yKYyOc7ADQBe5WfOMwmiKAHEWt_QhSN-0id4PgPP78ySAflGyfdJ89xSPdVvng6iXo1TuvhQ7tWiCNSAgAAAK9SAAAABGgBBwoAff79SXXcHctQTBt75UO1ASYLCbLpQhp9kw_ZhYTVkR0xieO4PMJ1X0BQaTPL8tEy8tWs8CQrafCEjZg7lgcpLQalgaGQ8Q7icXzeT7IkUKIO7aCpEmLwOOZRiUPRtHnucEo4Gxm1fml6Yc9D6_dbWGRQj3X1Dna2MPd2V-2RmQLGXIbAEXkQ51J5rj-IPm-mePgahLYpzaRxaROeCkaDvt63upNCO6tcpf7Dcqx6luMb2aH4muHD3C5BIbNt9WdiJuvKPldRJhjp5slsIAhXgkx0v-qV3Edj_p5VQ7m-NdpFN50JJuAcO4IVuGljN19iLRPThUTcq_R5g4L4Bne9MuXraEarZBx_WqWEfS5xCu1fTrK-jhEpcxbpTkd-5xcr8qGEtpnRZsnof4I7NfrhY9ALyoARuWQcnGyZXHJ6uSvYGhJu1dV72rq5gogqVupB6p3PnKS5O0I6Ih3cvx6g2_oKf6O0qad7jAHTP0TNNprM34klQQLNkpHkAssIlhtjF2El0-F1XLiQV1F5vIQUCCEDm7p2GKn9UIR_3-q5kbTwNDj9qUIT5F8Z22OXBgV5sUDW6uSxNIpneT6hFFq8GkhTTCwFiPQaCFlDFY5spAFJOGs0aApmBIp1_NCPGLvjOISGSE7Y_ZJzr6CWRE_QHu2QNCFJyr_IVbw3DuCyaIBjZbGpm7bqZwgdJT_M7GpXKGB-2d4NVwN-KsSyPrywbC-W2ieTP6Lq_7-EaMMcX24vHfUf-YGejvbZI2_jkDmxrtdH1W83JgErtVREYN6G1-5YApFDYThmmTiCGUivilrT-5W4KzzfCGnfbzRa7VdujqlL3E08nr0FsHPXC4Z1Em014B56UE0HIQVtNpfY24nw9weGkB5iXRm3ZijjlgrEamKgHo79b_H13pmOpF4j7YW9NkF1SF2h4XxYE9UKWAMr74P78BboknKfAGSy5LtSSnkLN-aj-PW4juoHmG12TAbmjB4uaWtlGfqt3S7iaoRAcgiRZngE2uU1Vc4K0mQwkRSKS_bIYgIFiFyReOXZTh0Ik5Gni-cQRY2leHfdMIvMAQ04fCLjW--vNgEs0RmnZ7uDiugHN8qqtAUFgRi_nVUGdQ8yBCc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame C25E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~loeg9k6o&c=3439827716239&slotId=1719913858119.5&qqid=CPDg16bFoIIDFfxLHQkd6-MGVQ&gqid=JBVBZaLFA8O2bMagjuAF&fb=ima_html5-lima&sdkv=h.3.599.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ua_e=1&met.4=ghmsh_s.loeg9k6r&faa=1&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 929A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
14192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 10:57:57 GMT
expires
Wed, 30 Oct 2024 10:57:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6819 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f1c8f6ff1e61b42b3bc44b62301146d05b82f66b4179284d06f761229e7bc382
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a-tYW8hVhUUo02za6M5V9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-a-tYW8hVhUUo02za6M5V9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Tue, 31 Oct 2023 14:54:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
c.bannerflow.net/tr/v2/pixel/ Frame 9ADD 		0
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss1vGr2GKpXeleam55Ar3Enlv8Wos5aR2bFv6HfB2xuNgalPiNEBbRGSQtL-KSKRalYOTNrcxzN_Nt5yo3eSFPVQ8cPfeWYkwlLDXh1Mt9hM2VoTm0xnOpwhQrpyOIeJBcpxj-L9dx-hJpNymRYtsbx-G5mFBuURQVK1KJPVWf7GNVP0wtBHQsUfC9wHBU4gnEwwT-4ibWBfEu2sUTdakRt9vwjqRsZi8t-qSnUUBjI_DKryQkpTxOL4_xkCAyUFpW9LY-JlCuDOHwLheOAm8Wz0ZmfZzaXIsK0gmtPwv09PyX04UqD_BdE61GvF4X_81_TK442IfLke50ZcwDtTiHcnl0GyyVNsmQWc8QtNcbPGcCAMaSGXOVsL9bXHallnd5_sy3OQNI70Y9PSe5yLdcF-Z-vzEV_LnmrPPb8e7I1t8WPCZNoSXYXEwkhNBQ-B1tjwtb3lfsgSMvAnbE_Y0aZ9JjTpFt2LVxR1STzMBdkS3J1Bcod2MIVzWLFtuLEBo-PZmPCy3oqmTx_-xWCJi25l0je-p3Bal4jEmn9pBaEVcdFay3LEBT-B9fSHERui65JhTWfAuTQge8tnvGzPgXURrauujOHcWAt8x-c8remLd7YL8F16HwUE-taLgEpsJjULfd6T3E5to5zdJISnwJjrIys0Mgf9wjwfHFYExkw0BKtArendN3D_KNcx4oxl84UxpLwy9UDBZi3RdMXVfD92bPJ7KBgfAVn80Vzd6LZ8BCrBIeMsETo59JjBT1yMyM3n6QEfNqXZ4KpTEU4tXBtdAwZmmL0W0dyRs2JNXHb6L3tFqMZ-bLEPXTgrzb5Nb-pFwc6JwN4Bwk9NisXlOo_jjQgbGrdUk0TV7D-tRhUdEY_Xkh0ZY_WfV15QM51hJWGJh7m0VM44r58RdVsUq25uwu9up_7P0aPNXOfbHbjFGiNdOd9VD9BlBi6pITqWoU_pYGKf3edskB_7pnERxcQGq5hZrZpQlP_ezSGkW3lt2sdq4-9aVoSy5Fr5miEaRO6OkW7jxjVG2vivNb-Hbhqrwug1JW-xZqnoP4ODOKVjnG8WV-46_qhJOEUOPe7JQMbRLhnt_7qgZI_0n-pgA84UjV1hrZBUv-kkutteNwOBpRoF3cH8v0MD8Uo1ma8RNqydhC6f4H_1-wALwWjyN8hGzVsSzi7ZXFk2p7LfObZNX0DtcgLcMlAnTlm-0Y8UOcXLrKdbgdjy6r_T0bQ1bt3XD-cxtnrg1qjFyPHibHewvU9hVx2mlP_t9bBMWA4S_1aXS0UMtjhDrKTVYP1wwA8WceBMh3AVHrA_InyuEDnqrBeB44aMFnDr4aBjf7OgtFlAiDYVhNbbQlxYN6n4yeTKz85oExTWmomEcwjsqE8BIjWBqwJyQXFPS2WaimEBlvaF32JcshPeW3Fze1Ij7VbtVgEzkFKugbLphs%26sai%3DAMfl-YRWn-HwNczslmKAWjNCN2upFGOSYN94eBZhdy3lcInIqTaNuMWcpl_baJEaKm5w9Dl06edHN57o4l8inYtamGHxYrYaXc10L78tePJtkMHOFLb6rcq_-5cX1p9U09SjSqzO2tFc-sb6cHiIWLNtIQXwjRhkQzWJ0qOxtuzV7cSYVM77Eiw_TQqdGx_fzvrqO4g4KMXfrDALfUROfiZwDWmpDt0831zIdpjzZ2BwXgvg2qUZ6zMhaFfEY6MWj_kJ0-bDwT74cApvlFm7uIhx7ezxx04hNjcl%26sig%3DCg0ArKJSzL8_MIWlG8A6EAE%26pr%3D8%3ACB0CB3C65C13E4CE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285299_525664089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81ecbbc7bfa69043-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
async_usersync
ib.adnxs.com/ Frame 1998 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
an-x-request-uuid
f79e027a-d231-4847-ae2a-06043470236f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 2260 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.51.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-51-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9d7f55e2839c038c487bacb31a0ce00e33b9639832552f982925e3de7d735ee2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 31 Oct 2023 14:54:29 GMT
etag
W/"0cd3af68771d353a2d72e28022b13f322"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame BB8B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 9599 		746 B
950 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.76 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3f3cc4594d1a5d86f9744e69a83224e4fb501d8a09ef18d4824b58f94ebe46e2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
746
content-type
text/html
date
Tue, 31 Oct 2023 14:54:28 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C190
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb814d1aa98f935061661cc64e9d2b7fb33abc57d95584fa341167014d47b51

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ecbbc8587d4d94-FRA
content-encoding
br
content-type
text/html
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv1HBmOLV2pAkXFqpY6LMDU%2F%2BoPfI4mKJ%2BkGIHk22RuhxyMmoapjJjqcYkAIsauSx9TF5spiahtyNjhXMSD2UgwCq8EBCaKIWdOrEciocAjU%2Bm9ep8Xg6p4dVDDVYBST0%2F%2BBfnA91RuBfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ecbbc808264d94-FRA
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1YTivJTMjuSimBleAAdhAkVIoSxbLJRCcjmA6EtnXtmel9JOUIfOWCtSfW%2BZ6nVTpbJ9zmcF%2F7TmEDJmzs%2F4BpCBQ0gWzoBPFuRbondEHBv3zqvu70e%2B1Md3%2FNjEu2eXDC4O0a%2BiWbJkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 65AB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Oct 2023 14:54:29 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 931A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55918
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Wed, 01 Nov 2023 06:26:27 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 45E5 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3775f3cc2872758f7bd29c856a60d4e55a35aebdfe51f3cf9645fc7ee3049328

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
1500
content-type
text/html
date
Tue, 31 Oct 2023 14:54:29 GMT
server
istio-envoy
via
1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
x-amz-cf-id
s-JN7ymmC57tfnAyAXsNzZ4iswHWncwey5G8KDmADrt67Njv1-_MDQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame ECB4 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Tue, 31 Oct 2023 14:54:29 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 1509 		557 B
1012 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.205.208.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-208-143.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
bd4fe49491624ed17ab1e31a5a5a1b6a44adcc14e7eed96929ce62cf299ad386

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Tue, 31 Oct 2023 14:54:29 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2447243403012636083
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2447243403012636083
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
an-x-request-uuid
6a066d6a-f953-47a3-98df-290dccb38a12
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=2447243403012636083
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HlBevRZHFUfbqa7HQBikmzIX
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HlBevRZHFUfbqa7HQBikmzIX
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HlBevRZHFUfbqa7HQBikmzIX
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 5CDC 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 31 Oct 2023 14:54:29 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1698764069233
  • https://ad.turn.com/r/cs?pid=45&rndcb=3106374019
  • https://sync.1rx.io/usersync/turn/3376923166007774755?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1e5f4efd-420e-44fb-a41e-0d169105e820-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1e5f4efd420e44fba41e0d169105e820003
content-type
text/html
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084928013254505
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084928013254505
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084928013254505
Date
Tue, 31 Oct 2023 14:54:29 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=2bf8ccb3-b355-488e-bda3-83693e025ff1
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=2bf8ccb3-b355-488e-bda3-83693e025ff1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-53
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=2bf8ccb3-b355-488e-bda3-83693e025ff1
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYmE0NTM4ZS04Y2E0LTM4Y...
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIw...
  • https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIw...
  • https://ssp.disqus.com/match?bidder=32&buyeruid=48237484-3cf0-5230-bbe4-d491dea5c1b4&r=Cid1YS0wYmE0NTM4ZS04Y2E0LTM4YjQtOTA4NS1jYmIwYmU3NmE5MTYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-0ba4538e-8ca4-38b4-9085-cbb0be76a916
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-0ba4538e-8ca4-38b4-9085-cbb0be76a916
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-0ba4538e-8ca4-38b4-9085-cbb0be76a916
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 5CDC 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.250.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-250-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
sync
ads.servenobid.com/ Frame 5CDC
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 31 Oct 2023 14:54:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 31 Oct 2023 14:54:29 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 0F9C 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1582385
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
81ecbbc82d649bb2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6A93
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bb103ff778fd363368a2973e28d69c46911b17d6bcb65bf0d126e893031966

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ecbbc868944d94-FRA
content-encoding
br
content-type
text/html
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkYVMYo3qMjVg%2BoaunuYMrEcDlS23guj3NCsVM4tLx4hyKjj8UK%2BaRRV07HojeqkgxeaQMZioRYdf0j7yPn9QbWp3pujzocrQ6BalqjOIcQeKla0nHmUxodqGYTACIQHmWkgejefJGbTOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ecbbc8284c4d94-FRA
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFhwnf46jGnlNqIDl2wivk%2FuLG5LZjl2Lz8fPsQ9X86%2FAw8Ag8q%2FbmkkBP9dyJt2CZYQ1MjVXS%2FvJBYkms1PCq93gj%2FXe1wWx7Z3XzMrHIcp7ZEmb1UfubK6qXjoKSInkrWGnBApVet6Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~loeg9k97&c=3439827716239&slotId=1719913858119.5&met.4=hvd_lc.loeg9k97~hvd_ad.loeg9k97~hvd_mad.loeg9k97~hvd_admu.loeg9k98~hvd_src.loeg9k98
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp9dAM4_pV9m-OH-NxBrPABIfXvrJlC-61kpBcWkPLkI1jUnXCvijdOHxM6SjKXCrbwWHkQfZUoO1FhLVvg49--wB4uuzLePtfcyfthavFQhykzd7bkrf8QhxKah-z7Cxfa0Ql-65BT0zQLZrSq4uP3YOlu88BQMzaM4KZzmx0Cwo5v202ZBL7ogsGVftYhhZRRG6Z-jXxI0eX5XcV_EaXHLQy7N1iuxybU-iS97PBBp3bgrAhPA-pcpYVYV4guij5lCUZJ0Tykz9l-_sDWdlWvXsqynMdOTpDgGtv1lNcgrZEeRdlfiQ3BcTJN1n4EvECoTWDckSn2pyCwu2Xj7t-ezogqdPpvKnf988H3hPEnQ&sai=AMfl-YRCiw7n6na8iyxxiplbHz1-p7EU4O7oqm3a8IkSItGaHGCRebjV4ZEmtP1m4j_KIHcnpqaoTXK1C4wUMBEF_PgQBSRYLnuTUdwMAQ&sig=Cg0ArKJSzGJNFWVZ1njJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 6D01 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:17 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
3492
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Wed, 01 Nov 2023 13:56:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D01 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310300101/pubads_impl.js?cb=31079291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:54:29 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C190
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBdQmyza%2F4lmSgx%2BSgY8kmrmVOxhDl1Ld78wtifO6dIGYwO%2FLittDk1Lzd63BTXS0OKr4TyyXU6nYWCvXrmPxTh2Pejmcrpwz64DFhThEBXDARSr7gQMw8nP6rHeghsDHrgv7pCVtIy9fA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbc9199b2c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C190
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUEVJUQS5JXaHCYGXqdF4wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FP%2FIokN%2FiGgPanKC1IzxgxgbAlMZ5r1sDFKvKeEVz03KWk%2BbbCB8DFawMt6yLO3sCLxRZmF89HWbE0%2BFObar1ZysT3bZA7b5Rp15JAXYDDkt7W3Kkw2nkAJiZnO8iUoNcjiNPEtQfK9Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbc979e92c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C190
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUEVJfR4DtR.Kbmzt7gnpAAA%265134&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUEVJfR4DtR.Kbmzt7gnpAAA%265134&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d04c8cdf01d74d1284361104ea40cac3
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3376923166007774755
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Tue, 31 Oct 2023 14:54:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
4
dcm
s.amazon-adsystem.com/ Frame C190 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RVAST4RXD8GTMDR9WF9P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame C190
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_1c872633-0ef4-413a-858e-87b62aa39aa0&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=&gdpr_consent=&us_privacy=
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JBK66TNtco9quR0Hrnk5V4vD01%2BTykzpQZACZUwOvl03kRATXy7LjLN%2FcmSvzDwXOYJjpbacnZYljSS2Sg6w1Rf5LezuC1ACXlkhuyitPgUEi%2BsXad6FB%2BORk9zP5ysAZ%2FwNmCp"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbca5a952c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C190
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
2a05:d018:d29:3602:b6d5:6b91:e46f:a747 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB
date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum.casalemedia.com/ Frame C190
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2447243403012636083
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2447243403012636083
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFlvw%2FOr5t7XbkLYswGUfqAwRpGPSeVRecLcf%2BAdTJgpJTMQyiMCAINGJTuwSCqX8Jn8VBIXrI%2B0US2m17czXvYh%2FZc%2FiM4vfUtBd4ByRBJR1Py9T1%2B3xR6mlQAWEmBTxOxcRSBy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbc969a24d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
an-x-request-uuid
a7f83d87-b724-4297-bc0f-4e70ca3903db
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2447243403012636083
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C190
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e992795b38b5450cbf7a9471e0b1c6d9&expiration=1701356069
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e992795b38b5450cbf7a9471e0b1c6d9&expiration=1701356069
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEhElij%2BEdnB65kNntMdJgmeAFzewF5TnmTJMSn1TPZ2EGz5pVqkgzCxkAUb8MAmNM4peQj1y5ar3sLsQc3eR4%2FDVQDnEqE%2BXT1rjR67xUdN5Rj%2BS5RjHc%2FUYMXdjPpoyPEC%2FT2e3zF3OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbc9ca2c2c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e992795b38b5450cbf7a9471e0b1c6d9&expiration=1701356069
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame C190 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
362358.gif
idsync.rlcdn.com/ Frame 6A93
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=33876c72972345c4944ba937d75e249f
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3376923166007774755
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=33876c72-9723-45c4-944b-a937d75e249f
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=febba5ac-38b2-4c04-8156-fea2350cb746%3A1698764070.429616&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfebba5ac-38b2-4c04-8156-fea2350c...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928013254505&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dfebba5ac-38b2-4c04-81...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=febba5ac-38b2-4c04-8156-fea2350cb746%3A1698764070.429616&_=1698764070.4317338
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjZmZWJiYTVhYy0zOGIyLTRjMDQtODE1Ni1mZWEyMzUwY2I3NDY6MTY5ODc2NDA3MC40Mjk2MTYQABoNCKaqhKoGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEL8argvBwO-joRcqbCtLiQY&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEL8argvBwO-joRcqbCtLiQY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEL8argvBwO-joRcqbCtLiQY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6A93 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUEVJUQS5JXaHCYGXqdF4wAAFK0AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NHTDR1546XR4Z0AMZJ3X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6A93 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 6A93
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUEVJUQS5JXaHCYGXqdF4wAAFK0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoD4SrId7iyK1grGlHyUbUIje4hrsdI88FlpRs1bcJNHyOp%2Ff5JfwogvM78aEt82EoYF3jytQvb76gUsUBTKIDa%2BmQbzDrjQkFaXLUybUmsinYe2LVZrCxTufp4o8kz2apHIBtvPmV8QGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbc959d32c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIWMbjriYOYq3QoK6fjqxkE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 6A93
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
34.255.45.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-45-168.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v053-0691d8984.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7TVrixkDTqU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v053-0cfa35329.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
p04pPEkcRIA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 6A93
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPRomqZDh4CvbjW%2B7UmcXUzS1Tmi94vKJO8GT%2B78ovF9DNpMWbATrLQDJIZJjt6umLI0kQtMOSmLGz%2BnB6AETE%2BlLNoyYgcwUxZu7zt6Eadg1GJ%2FptOWGQ7BcRBH5TNcceXujB5smmtvHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbcc8c722c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 6A93
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUEVJUQS5JXaHCYGXqdF4wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J2pPgWbvHpAxlk81lUAj536pcwj%2FdSUgFpTZfmzpZxtGhaVgyHAW5uWHuze%2FTuTWAZ0u%2BC%2BLb2RcAAA8T3CREZIsuuiJ2xky%2FtN1bmJ0COidf9mriPhK23eQ2hzkQGMaZSMlGeaJlCI9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbc9ca2d2c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCeKgPdVMwBurct-0LC97o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6A93
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RmUd31MLs7eUvNzo6Awi&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&tc=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RmUd31MLs7eUvNzo6Awi&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkftNf0FWQleCVxYJiKqIklRVjeBPnUfeImQtza%2FAsy0OZeZpDqdbgFFGv3OxcUMuBiOMSmaBy%2FjZFFLpVLjlyA7H8udBHDCWX43oCGHqEiBEMXmub7GJ3o1dDrvSJlHc3xxS6usHpQaeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ecbbca5a972c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=RmUd31MLs7eUvNzo6Awi&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293&tc=1
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT, Tue, 31 Oct 2023 14:54:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6A93 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZUEVJUQS5JXaHCYGXqdF4wAA%265293
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
22260
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81ecbbc928ea65a4-FRA
content-length
43
expires
Wed, 01 Nov 2023 14:54:29 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame C25E 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CQhjoJBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBO0DT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7p1rp4gIcZBJjrfcyNGv30cAyhQjV3q5_1ORk-YpCPwT0QbJ3GPa-BOp6F0JysNLjtOQex5SKHsve6DK2nDZcAE-qLyqcsE4AQBiAWV1LqxOaAGVIAHrcqVqQKoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOrEJeDlwHAd40I2ACgOYCwHICwHQCw-iDAwqCgoI5LSxAu61sQKaDQEPqg0CQ0jIDQHiDRMInOrWpsWgggMV_EsdCR3r4wZV2BMC0BUBmBYB-BYBgBcB&sigh=75Ut3XE6Cy4&label=video_ad_loaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6819 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310300101&jk=2609265270235839&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2447243403012636083
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2447243403012636083
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
an-x-request-uuid
efe9533a-d9fc-41c3-a65f-32ca549323ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2447243403012636083
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6f3a892e-7476-413d-8bb9-64234d4d8185&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=7b44d321-9916-49e6-832f-875b04695654&ssp=gumgum2&bsw_param=9b45e93c-af27-4e01-ba3b-f5b8983d2c33
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&us_privacy=
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=d5e25f35-3b73-4b86-bc76-6ba1d73afb09
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=d5e25f35-3b73-4b86-bc76-6ba1d73afb09
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 31 Oct 2023 14:54:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=d5e25f35-3b73-4b86-bc76-6ba1d73afb09
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48$ip$195.206.105.130
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48$ip$195.206.105.130
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48$ip$195.206.105.130
Date
Tue, 31 Oct 2023 14:54:29 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-NYjMk6JE2pfpHmxXkvc8aUg0bShFoIe3T4VK~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-NYjMk6JE2pfpHmxXkvc8aUg0bShFoIe3T4VK~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-NYjMk6JE2pfpHmxXkvc8aUg0bShFoIe3T4VK~A
content-length
0
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=d6a7516a-d2a5-410b-987c-9f507af44a7c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=d6a7516a-d2a5-410b-987c-9f507af44a7c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=d6a7516a-d2a5-410b-987c-9f507af44a7c
Date
Tue, 31 Oct 2023 14:54:29 GMT
Connection
keep-alive
X-CI-RTID
985224ad-dffe-4202-b2bd-cae78843273b
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 2260 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6f3a892e-7476-413d-8bb9-64234d4d8185&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_6f3a892e-7476-413d-8bb9-64234d4d8185&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=v4fffpB6rU08YIjKlodd&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=v4fffpB6rU08YIjKlodd&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=v4fffpB6rU08YIjKlodd&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=DPWjjnhlS1Ij&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=DPWjjnhlS1Ij&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=DPWjjnhlS1Ij&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
usersync
usersync.gumgum.com/ Frame 2260
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4357037334949060290
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4357037334949060290
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4357037334949060290
date
Tue, 31 Oct 2023 14:54:29 GMT
content-length
0
sync
ads.servenobid.com/ Frame 2260 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_6f3a892e-7476-413d-8bb9-64234d4d8185
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 9599 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4357037334949060290&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
wt.rqtrk.eu/ Frame 9599
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4357037334949060290&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4357037334949060290&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
141.95.32.69 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-004.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Tue, 31 Oct 2023 14:54:28 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4357037334949060290&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 9599
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2447243403012636083&gdpr=0&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2447243403012636083&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
an-x-request-uuid
7c92aa9f-e04b-4594-bef8-32e29984c9e5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2447243403012636083&gdpr=0&gdpr_consent=
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 9599
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC5dU7KgioAABfIVHASlA&partnerid=127&gdpr=0
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAC5dU7KgioAABfIVHASlA&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAC5dU7KgioAABfIVHASlA&partnerid=127&gdpr=0
Date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 9599
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=SUPwgE5D9oBSRPSGTRLpiU4X89NSQPWGSEUJZMCQ
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=SUPwgE5D9oBSRPSGTRLpiU4X89NSQPWGSEUJZMCQ
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=SUPwgE5D9oBSRPSGTRLpiU4X89NSQPWGSEUJZMCQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 931A 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39597232&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
76e60e5d5a5ad4fc62e95a05f4840d8b07bbb7a27d130436b22f662424f68807

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
adview
pubads.g.doubleclick.net/gampad/live/ Frame C25E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=Cq566JBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBOoDT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7otrww9EszWL6gxn_w0RqJnuZUkN-C-B2Igpvj2gyk1Rm8DwuwqH1rRNo9aP8fW6Um3vHJXZLkpfWnty8AE-qLyqcsE4AQBiAWV1LqxOZIFEAgSEAUYDzCIqo_P0abakx6gBlSAB63KlakCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC12wOoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJMGh0dHBzOi8veW91dHUuYmUvSGlkcE5SbmoxUWc_c2k9UTBLRncybi1CVFVEeXRUVYAKA8gLAaIMDCoKCgjktLEC7rWxAtoMEQoLENDc2eDG25n2_wESAgED4g0TCJzq1qbFoIIDFfxLHQkd6-MGVcITBhi7terWAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi01ODU1MTQ5OTk4OTAzOTc2GLuJdg&sigh=fD7PCwU8QRI&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&nis=4&cid=CAQSPADICaaNT8frnTnqTVf18c9bA9bYjO7r3PsnaNGT8ZxHKPOshRs1qN57IkRp72sCp1U6VPb7HJNXQkIslRgB
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame C25E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Oct 2024 16:41:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C25E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.599.0&e=44752657%2C44772139%2C44777649%2C44781409%2C44802463&id=ima_html5&c=493570768877889&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.599.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame C25E 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CLUUUJBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBOoDT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7otrww9EszWL6gxn_w0RqJnuZUkN-C-B2Igpvj2gyk1Rm8DwuwqH1rRNo9aP8fW6Um3vHJXZLkpfWnty8AE-qLyqcsE4AQBiAWV1LqxOaAGVIAHrcqVqQKoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMDCoKCgjktLEC7rWxAqoNAkNI4g0TCJzq1qbFoIIDFfxLHQkd6-MGVdgTAtAVAZgWAfgWAYAXAQ&sigh=kZjV-2yswIw&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=vast_creativeview&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame C25E 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CLUUUJBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBOoDT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7otrww9EszWL6gxn_w0RqJnuZUkN-C-B2Igpvj2gyk1Rm8DwuwqH1rRNo9aP8fW6Um3vHJXZLkpfWnty8AE-qLyqcsE4AQBiAWV1LqxOaAGVIAHrcqVqQKoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMDCoKCgjktLEC7rWxAqoNAkNI4g0TCJzq1qbFoIIDFfxLHQkd6-MGVdgTAtAVAZgWAfgWAYAXAQ&sigh=kZjV-2yswIw&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=part2viewed&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
www.youtube.com/api/stats/ Frame C25E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=30&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=954&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=cLskeZJEBZZoVM3P&docid=HidpNRnj1Qg&visitordata=CgtsR3VRc05YV2Zlaw%3D%3D&of=VXRufmRZE_LY34oljoTIeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame C25E 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CLUUUJBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBOoDT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7otrww9EszWL6gxn_w0RqJnuZUkN-C-B2Igpvj2gyk1Rm8DwuwqH1rRNo9aP8fW6Um3vHJXZLkpfWnty8AE-qLyqcsE4AQBiAWV1LqxOaAGVIAHrcqVqQKoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMDCoKCgjktLEC7rWxAqoNAkNI4g0TCJzq1qbFoIIDFfxLHQkd6-MGVdgTAtAVAZgWAfgWAYAXAQ&sigh=kZjV-2yswIw&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=admute&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
native.js
s.yimg.com/dy/ads/ Frame 6D01 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
f5be70c103392c0ce642305bd1a7ee21a157f8d8f1f382b32b1cb56d04d47dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
1P0KR5DFM30WMSCA
age
436
x-amz-server-side-encryption
AES256
x-amz-id-2
TDcCQaaXNTkViUKp8lAjPLdYoQBIGvmBhooiVy8CA4ZDFKvmKXN5pOCHKGon0Ke3grWZqRRiQEc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 17 Oct 2023 19:38:05 GMT
server
ATS
etag
"3db30c4cf00aa6181fb6d0d40f94d7fc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
truncated
/ Frame 6D01 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa7169652bfeb951bb2e6795f3482f8b22ba2c41c153f5dfe0c802741e5ea479

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usersync
rtb.gumgum.com/ Frame 6C5A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=3765797799554591622&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=3765797799554591622&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.51.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-51-1.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=3765797799554591622&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 929A 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 10:57:22 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame EE27 		0
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ecbbca6fc19bb2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:29 GMT
server
cloudflare
vary
Accept-Encoding
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
usync.js
eus.rubiconproject.com/ Frame 65AB 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9707d6e62a22e990a7f0c39c793fba66c4cb0f017f51103851dab68ea94b7d2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 06:39:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56734
Connection
keep-alive
Content-Length
11053
Expires
Wed, 01 Nov 2023 06:40:03 GMT
pixel
cm.g.doubleclick.net/ Frame 20D8 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZjNhODkyZS03NDc2LTQxM2QtOGJiOS02NDIzNGQ0ZDgxODU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC45 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55918
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Wed, 01 Nov 2023 06:26:27 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame D8D6 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 31 Oct 2023 14:54:29 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame C281
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZUEVJsCo5s8AADDHjtEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZUEVJsCo5s8AADDHjtEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 31 Oct 2023 14:54:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 31 Oct 2023 14:54:30 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZUEVJsCo5s8AADDHjtEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40091.dc2p.scaleout.jp
X-SO-IP
195.206.105.130
X-SO-Key
ZUEVJsCo5s8AADDHjtEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"195.206.105.130","key":"ZUEVJsCo5s8AADDHjtEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40091"}
X-SO-LB-Hostname
a-tgng40011.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40091
usersync
usersync.gumgum.com/ Frame 3362
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=RmUd31MLs7eUvNzo6Awi&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RmUd31MLs7eUvNzo6Awi&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 31 Oct 2023 14:54:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT Tue, 31 Oct 2023 14:54:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RmUd31MLs7eUvNzo6Awi&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 52E0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Oct 2023 14:54:29 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 1098 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 45E5 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 31 Oct 2023 14:54:29 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
ImgSync
image8.pubmatic.com/AdServer/ Frame 45E5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2447243403012636083
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 45E5
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:21dd:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
via
1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
EWR53-C2
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
Ftrc-n3-fVmKz4myrRERy8g9fQfr8bl5_HkSzWWPz_PKR7m9UpJA_A==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 45E5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=bb861941-6cf4-4c84-a395-62bb5f6970aa
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=bb861941-6cf4-4c84-a395-62bb5f6970aa
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:21dd:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
via
1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
EWR53-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
mHbJDGNAKPu-NDjz-0t4tTFPPIbdVuJA7GsCmlYBY81jslENI5Pwfw==

Redirect headers

date
Tue, 31 Oct 2023 14:54:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=bb861941-6cf4-4c84-a395-62bb5f6970aa
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 45E5
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b0ce368651a755b519f599af3a952f7e
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b0ce368651a755b519f599af3a952f7e
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:21dd:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
via
1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
EWR53-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
mf_Va8W1UPoLzb5S47UGeqDnI-nufdsr6j6v3Puq42US-Ax8RPF62A==

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b0ce368651a755b519f599af3a952f7e
x-kong-upstream-latency
6
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 45E5
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3442246116530153603786
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3442246116530153603786
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:21dd:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
via
1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
EWR53-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
GMuZHaGCtow0_AHeG6ZwOX4xMy158jMhxyyPze3RPxg42ni53cLELg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3442246116530153603786
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 45E5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:21dd:e200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
via
1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
EWR53-C2
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
ZsHqRgYH2X7TMgvj6j-9JbqWFN9XZCDXI9eUqamRTXYJwmsA7a-QCw==

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOeCpqaLwSqJz%2Fkdn4CVI8dplbGcnPCSxnEZKvnkY5qr4tfHUTvpKpk8ZVD8GmpZICAchF%2By%2FrDr39u3qGHg%2BOqzqCWwJeNfFg8x6zSwx2iMrHJSQyhOsPrKlx%2BUH9WIcvTvtXeRZR0qlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZUEVJUQS5JXaHCYGXqdF4wAA%265293
cache-control
no-cache
cf-ray
81ecbbcadaf12c3a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 45E5 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=V2OLw4a-kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cs
cs.yellowblue.io/ Frame 1509
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=fadb51c9341f022911b67d771ee3e63&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=fadb51c9341f022911b67d771ee3e63&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.49.194.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-194-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:29 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=fadb51c9341f022911b67d771ee3e63&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698764069691081-545
Expires
Tue, 31 Oct 2023 14:54:29 GMT
v1
match.sharethrough.com/universal/ Frame 1509 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.250.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-250-230.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 1509
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2447243403012636083
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame 1509 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=T8ORw4azCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
ap.lijit.com/ Frame C96E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 31 Oct 2023 14:54:29 GMT
X-Sovrn-Pod
ad_ap2ams1
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame D9F5 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
17633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 10:00:36 GMT
expires
Wed, 30 Oct 2024 10:00:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame DC82
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:28 GMT
expires
Tue, 31 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
852915
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 85D2 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 31 Oct 2023 14:54:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0B0WY53ZEWY635BNNECE
Pug
image2.pubmatic.com/AdServer/ Frame 7CBF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame A8A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2447243403012636083&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2447243403012636083&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
e7fe8877-e993-4cce-9747-a6e237117eca
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2447243403012636083&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
cs
cs-server-s2s.yellowblue.io/ Frame C0F0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7296136119996512409&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.205.208.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-208-143.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Tue, 31 Oct 2023 14:54:29 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 0F3A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://a.audrte.com/get?gdpr=0&gdpr_consent=&p=1017871179&r=https://ws.rqtrk.eu/push?pid%3D30036f87-064a-40e2-82e0-38cacebdccad%26uid%3D$UID%26tr%3D0
  • https://ws.rqtrk.eu/push?pid=30036f87-064a-40e2-82e0-38cacebdccad&uid=c3brbZGjPxCQPa6FBfm9MJ8oA&tr=0
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=a6f0cba5-9e58-455b-92d2-0b2260d1b377&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9b45e93c-af27-4e01-ba3b-f5b8983d2c33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 31 Oct 2023 14:54:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 31 Oct 2023 14:54:28 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 06ED
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=knAKLyoyX0tzy3brmzysSMPOaYI&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 31 Oct 2023 14:54:28 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 71F2
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 2E3A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUEVJQAAQw9o3gBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230098-FRA
x-timer
S1698764070.798466,VS0,VE98

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 31 Oct 2023 14:54:29 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZUEVJQAAQw9o3gBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230098-FRA
x-timer
S1698764070.671546,VS0,VE95
ImgSync
image8.pubmatic.com/AdServer/ Frame 42F0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNWRVN0tnaW9BQUJmSVZIQVNsQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_init...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAC5dU7KgioAABfIVHASlA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dp...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC5dU7KgioAABfIVHASlA&pid=558502&do=add&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC5dU7KgioAABfIVHASlA&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 31 Oct 2023 14:54:29 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame E73C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUcd7d83846cbc4bf7bbcd2f4622650f8d
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 31 Oct 2023 14:54:27 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cs
cs-server-s2s.yellowblue.io/ Frame BA0B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.205.208.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-208-143.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Tue, 31 Oct 2023 14:54:29 GMT
server
istio-envoy
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 14:54:28 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame 98F4 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
cm
ipac.ctnsnet.com/int/ Frame 2DD8 		43 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 8B02
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3774270476419636622
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 31 Oct 2023 14:54:28 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 40EE
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928013254505
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928013254505
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 31 Oct 2023 14:54:29 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084928013254505
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame C852 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 31 Oct 2023 14:54:29 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-a5d72f7ced17@version_1.575
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 9B5E 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 8DEB
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9ef5ca8c17568aea/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=71f2983ac7677acd3b9726cceb7f1ba3&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRnMVjgSjbTVUSgng&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRnMVjgSjbTVUSgng&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRnMVjgSjbTVUSgng&gdpr=0&gdpr_consent=
sync
ads.servenobid.com/ Frame CB88 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Tue, 31 Oct 2023 14:54:29 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 931A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oB90xlcURbGOn7ahJePkUw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-91.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=55918
accept-ranges
bytes
content-length
5606
expires
Wed, 01 Nov 2023 06:26:27 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 931A
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
18.202.86.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-86-19.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.115
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.17.75
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 931A
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1502487348
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1502487348
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
via
1.1 google
last-modified
Tue, 31 Oct 2023 14:54:29 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
via
1.1 google
last-modified
Tue, 31 Oct 2023 14:54:29 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1502487348
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 931A
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YzNiSTZ4NU1nQzBUcDZMamliLVl2WktXdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3765797799554591622&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:30 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 31 Oct 2023 14:54:30 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 931A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTAxRjc0QzYtNTcxNC00NUIxLThFOUYtQjZBMTI1RTNFNDUz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 931A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMppDb6C35J4XVXiHbL-HmE&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMppDb6C35J4XVXiHbL-HmE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMppDb6C35J4XVXiHbL-HmE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 931A 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 30 Oct 2023 14:54:29 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 931A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3765797799554591622
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.205.208.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-208-143.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A01F74C6-5714-45B1-8E9F-B6A125E3E453
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 931A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
A01F74C6-5714-45B1-8E9F-B6A125E3E453
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 931A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A01F74C6-5714-45B1-8E9F-B6A125E3E453?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:b6d5:6b91:e46f:a747 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 931A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YZ8s9FhE2uWZLDxrTyb0IeMHqhTFkRY-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YZ8s9FhE2uWZLDxrTyb0IeMHqhTFkRY-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-YZ8s9FhE2uWZLDxrTyb0IeMHqhTFkRY-~A&gdpr=0
date
Tue, 31 Oct 2023 14:54:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 931A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=bcac1c91-5988-42c1-b9e2-49bb8fc304d7-65411525-4348&gdpr=0&gdpr_consent=
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=bcac1c91-5988-42c1-b9e2-49bb8fc304d7-65411525-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=bcac1c91-5988-42c1-b9e2-49bb8fc304d7-65411525-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 931A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3376923166007774755&gdpr=0&gdpr_consent=&us_privacy=
1 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3376923166007774755&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3376923166007774755&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ImgSync
image8.pubmatic.com/AdServer/ Frame 931A
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=571e0c8e1cc31615&is_secure=true&networkId=17100&version=1&nuid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIICPG5F7edANf8NXlAAAAAAA&expiration=1698850469&nuid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:29 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Tue, 31 Oct 2023 14:54:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 931A
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:20e14219-bc79-4aa9-acbb-38c1d5f70d98&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
0
khaos.json
token.rubiconproject.com/ Frame 65AB 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOEG9HJE-1C-LMHU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 1BE9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2447243403012636083&gdpr=0&gdpr_consent=
95 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2447243403012636083&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Tue, 31 Oct 2023 14:53:03 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.5

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
3ff604aa-56ce-4c51-ae5b-e870c4fe4c23
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 14:54:29 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=2447243403012636083&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 52E0 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9707d6e62a22e990a7f0c39c793fba66c4cb0f017f51103851dab68ea94b7d2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 14:54:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 06:39:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56734
Connection
keep-alive
Content-Length
11053
Expires
Wed, 01 Nov 2023 06:40:03 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5870
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8966135194
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8966135194
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 31 Oct 2023 14:54:29 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 31 Oct 2023 14:54:29 GMT
etag
RX1e5f4efd420e44fba41e0d169105e820003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8966135194
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
48237484-3cf0-5230-bbe4-d491dea5c1b4
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame A8AE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=8445765279022348259
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/48237484-3cf0-5230-bbe4-d491dea5c1b4
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/48237484-3cf0-5230-bbe4-d491dea5c1b4
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ecbbcd5b0b9bb2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:29 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/48237484-3cf0-5230-bbe4-d491dea5c1b4
sync
ads.servenobid.com/ Frame 65AB
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LOEG9HJE-1C-LMHU
  • https://ads.servenobid.com/sync?pid=323&uid=LOEG9HJE-1C-LMHU
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LOEG9HJE-1C-LMHU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LOEG9HJE-1C-LMHU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
64800e60d36c11fe0f0ab3f8954851400cd5b0b7725554801b5d041414a71b22
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 20A2
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64800e60d36c11fe0f0ab3f8954851400cd5b0b7725554801b5d041414a71b22
0
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64800e60d36c11fe0f0ab3f8954851400cd5b0b7725554801b5d041414a71b22
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ecbbcf1ce99bb2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Tue, 31 Oct 2023 14:54:30 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64800e60d36c11fe0f0ab3f8954851400cd5b0b7725554801b5d041414a71b22
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310230101&jk=3035925322168159&bg=!SUqlSgXNAAbo5yKYyOc7ADQBe5WfOKis7d2OQ28IYJXYJo_hDIWQviwkfKfIhZvV7jhQkQoZ5Ex3D2DF7q-IfaKv5FH0AgAAAnhSAAAABGgBBwoAzK8bZEPZJERDuc0GUWFNciBqLPd_uJLARfWo86KOfpPVVHv1iiA96vmE1WUVHz-0RFhR25xAMYZolIe0d5yImI7kExXxoYCRqbUf6UR-QVfQvojewih4h2f7SY7WETpYkF_dmYy2DFpqo_vjjx9HzUcs3SqhOKcnXq2J65HkA1A-dvh7dYE4JzhwTpwRdEOfI5KU_KtYkfn9nOPJpYHZZCverfjShfDLxBoh2g-6wsX6K4rdQA6oriCywsWvYCNlmpDnFeXmIPc5duX1dZkCsRFXVX2CEwsZseAOQ5TwLkAserxT4EBlgWV5asj89PYbhg53uBluVx37l_lXSV1OFg-YzLwDpoY-vI_D8ubCwrDL3wg4nbZys9uIFZoNxDTRId0gOQEf_gozL0kgLu6CXb7jXGHIjlJeagbXiVsgBstJQ6Q5j5OZJF0fUpt_ZCdOZAjWApjO6zU7J0l9FLl4v0_th_QC-EqwDOrRfcOZ6OhMJRgzmEXyzt7Rwz9_3Xo8xtsA3TuQz3Sj4SkBSJUDwG604OOox7vqArzXX3DuZyI8GnHT4ElJvE-tBUgZ5q-6APTqsBlYSUirSrpVy7bWolbUClR0BNvaducc18TOdoJL3FJ0SMnUNAiRDO8lTgBDkIMEHrkItZOHLWgiW-jvvexJgBiKQ4qkUSXhYjai2CPxzzHqXHE2BWTyd2Esx_uE9FS_FnpUx4HE1nL58K3A7Mq-S8Uf73GoflSqYVtZ0wRDhwSDGbwswBD5qtpTn4XsmjpfE90jUSpIl1AAljsfBsS-5rVukuIFBrQkxqAaOgPOkHrI0Uhjd85yxyOUMGkRRE8LA_m_BZfZX-U3fSiMREGv5cJTA__KOrU_z2n2M5lASUG1R_t9WvuS5xz3LSKH4GT7MDPVDLnTC-pXHTfI9y2QqYsi3A0oLhrFd76XLlM3unECtz8AAsEPRXqIFAVedv-KhWgpfrAuNWMDxFzEIugzvR5RFvF6zoPDRuw0az47_1dRp40jYBO0Yc5kmI2mph3AafpKz1vBdFBWGHoFYP1oxqoNAuItR-HHlf3RAK6aogCwz6mux_XOf3ejEJLfZyTjwB2cRQ-Y2VZmtyoUNx_iQA9Bp3GEKaFTP-V3REvvBLPCrnL9L9s5OAO6hASiSIIE73q1LUwizmGFIG6vbBFIkeKMoyCFj016ztzgdWnN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 6D01 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
b18c7c6f0ba505516b952d61b1b22e077c21b55bcfdac72b9a4c3c994f683851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 31 Oct 2023 14:54:29 GMT
server
ATS
age
1
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
38
x-xss-protection
1; mode=block
x-request-id
869612c1-efe5-46f7-b82c-036656d722ed
b
geo.yahoo.com/ Frame 6D01 		43 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
3765797799554591622
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 86F3
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3765797799554591622
0
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3765797799554591622
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ecbbce3c119bb2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Tue, 31 Oct 2023 14:54:30 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3765797799554591622
server
nginx
k-kaPJVqtCQrZO7B5GJ7L-_xeUIV0xTukt9P0jng
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame C2F3
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=8726y19tb2pmSUdMMm5RJTJGSHhQJTJGSTdjek42S082QktDUVd5Z0Y1ZTRKJTJCT2ZBcUZDSGZ4UG9YSTAlMkY1Y0hkczVpMnAlMkJhcEJSa1RoOUVhSkcyQnhSdHczRlM5VHEzZVRwdjVYY...
  • https://ssp-sync.criteo.com/user-sync/match?p=8726y19tb2pmSUdMMm5RJTJGSHhQJTJGSTdjek42S082QktDUVd5Z0Y1ZTRKJTJCT2ZBcUZDSGZ4UG9YSTAlMkY1Y0hkczVpMnAlMkJhcEJSa1RoOUVhSkcyQnhSdHczRlM5VHEzZVRwdjVYYWU5a2F...
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-kaPJVqtCQrZO7B5GJ7L-_xeUIV0xTukt9P0jng
0
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-kaPJVqtCQrZO7B5GJ7L-_xeUIV0xTukt9P0jng
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ecbbceac769bb2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:54:29 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-kaPJVqtCQrZO7B5GJ7L-_xeUIV0xTukt9P0jng
server
Kestrel
strict-transport-security
max-age=31536000; preload;
getuid
cookiesync.api.bliink.io/ Frame FEBE 		24 B
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.65.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-length
48
content-type
application/json
date
Tue, 31 Oct 2023 14:54:30 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
khaos.json
token.rubiconproject.com/ Frame 52E0 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LOEG9HJE-1C-LMHU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
fadb51c9341f022911b67d771ee3e63
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame C8F2
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/fadb51c9341f022911b67d771ee3e63?gdpr_consent=&gdpr=0
0
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/fadb51c9341f022911b67d771ee3e63?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ecbbcddbaa9bb2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 14:54:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 31 Oct 2023 14:54:29 GMT
Expires
Tue, 31 Oct 2023 14:54:29 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/fadb51c9341f022911b67d771ee3e63?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1698764069952031-521
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame D9F5 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:57:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 10:57:22 GMT
usersync
usersync.gumgum.com/ Frame 52E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LOEG9HJE-1C-LMHU
  • https://usersync.gumgum.com/usersync?b=mag&i=LOEG9HJE-1C-LMHU
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LOEG9HJE-1C-LMHU
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LOEG9HJE-1C-LMHU
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 10B3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yO_BKM_vxyjT6MUuzL7YIc-7wnvT7MQuyelompXv
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yO_BKM_vxyjT6MUuzL7YIc-7wnvT7MQuyelompXv
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yO_BKM_vxyjT6MUuzL7YIc-7wnvT7MQuyelompXv
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 10B3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3765797799554591622
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3765797799554591622
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3765797799554591622
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 10B3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=2ce5aa0a-67ec-8e17-8546-040837eab0a2
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 14:54:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RXAA0H22M6ZYDJC2MSG9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 10B3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=7433d677-7b46-35ed-4548-869f5fd97b42&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 10B3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTg1YzA1YmQtYjIzMS02YjQ5LTUwYTgtZGMyNjk1M2JiNTIy
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 10B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEaMBBJLhVFHAD-polHuEnc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEaMBBJLhVFHAD-polHuEnc&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEaMBBJLhVFHAD-polHuEnc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1998 		0
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
an-x-request-uuid
4b454f46-35f6-4ab4-a9d4-24593250a3a4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.130; 195.206.105.130; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 929A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UHQOrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642
s.yimg.com/ys/ Frame 6D01 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ys/SXG6B5X3FQVQPXFZFMVG_VFdfU2l0ZXRhZ19yaXN1X2JnXzMwMHgyNTBfMjAyMzAzMDE=_1677729953642?cb=ygscb
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
035FAWYWTPW2YCVH
age
688716
x-amz-server-side-encryption
AES256
content-length
822
x-amz-id-2
XQhz9OfrEMMs55LVnt7WKsC/5vtIlUEqy5BtyzPD5Wc+2P5BpoGlAziaD2SIrFVht1A8KaHJ9Kg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 04:05:54 GMT
server
ATS
etag
"fa2aa91ba592d1ae8a4853ad8af8677c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, stale-while-revalidate=30, max-age=2592000
accept-ranges
bytes
4c18c21882212da5766f31b6e76c634e.jpeg
s.yimg.com/lo/api/res/1.2/SBvNZs685vweMBLNP3mhbg--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ Frame 6D01 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/SBvNZs685vweMBLNP3mhbg--~A/Zmk9Zml0O3c9NDM1O2g9MjEwO3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/4c18c21882212da5766f31b6e76c634e.jpeg
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
8912f7784aa6f0eb942bf16e06b90261c8dac9bc8a95b1170760730049df9fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 09:32:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
age
19305
cld_latency
1
edge-cache-tag
378938212810605191406412273705041446363,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cache-tag
378938212810605191406412273705041446363,238853593421688359325880637090579991491,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
Miss from cloudfront, HIT
x-cache
Miss from cloudfront, HIT
expiration
expiry-date="Mon, 29 Apr 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
cld_hits
1
content-length
21665
x-xss-protection
1; mode=block
cld_by
cache-iad-kiad7000083-IAD
x-served-by
cache-iad-kiad7000083-IAD
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 31 Oct 2023 09:27:54 GMT
server
ATS
surrogate-reporting
width=402,height=210,bytes=21665,owidth=1200,oheight=627,obytes=80969
x-timer
S1698744765.400664,VS0,VE1
etag
"b37566b52e59c15911f7f01f443ca465"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1
gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame 6D01 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/adbuilder/gemini.png
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 05:30:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
F9Z3RR380ETR1N1J
age
1675447
x-amz-server-side-encryption
AES256
content-length
3328
x-amz-id-2
709hhBmne2ZRqs4osvlrXNpGb06KeMA/W1tAKoM38DvAKr2LlG5JILP5MNX13e0DKTM7PSfGh88=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Mar 2019 01:45:46 GMT
server
ATS
etag
"99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
truncated
/ Frame 6D01 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame D9F5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.599.0&bgai=B37bwJBVBZfC-BfyX9fgP68ebqAUAAAAAOAG6BRMIoufVpsWgggMVQxsbCh1GkANc&bg=!fX6lfjHNAAbo5yKYyOc7ADQBe5WfOGw_0YpSkDLUlyrLElyW6lePH_EF2ubZ7pqF_Sgk3783QWXaHAeIcVRBNbLTkWk2AgAAAMtSAAAAA2gBBwoAGisK5-T756_KA-uB5EWMXJEWuj74gaJXH4KemQIvKvZe_uQuJki-DDKL7o5zfZE9GAXGk3FkIHQIyyAWeybDIBPZvrz2UD2jY19r7fD9bbqiHTAMk0hWx5IHgCbA9GBGXumOtBQ9vxp4XWn7b6wNco1iKIarKiwqoep3Th_o0YNzzYvnTIgJIEiSqym8uPx3f4isgKxh9UxLUmRUuk19H0vO5EiWOBiNCOHHfmtdGDaQnqepcpc2NRc6mEsa9EgGx6aUmggAxGUeVHjmk5En_dkXXKiU2-eWR8iKsIzAkXfSaBYmaMqV4ng_pYaGorbry8FOCAB9g_LL4zn_J4ztLvSpCvyqTR9lPsnT2NmjtZt0KSBrEMJtcdh7S5EWfH7DJlMeLIpYAmvvixqLg-uJOLGd8q-gFNTHGOn-3DA5iY0vr83hId9Cty1rO2JOrJwVMK61ja5OacJRb7ELKXYeXpeW86eloQikIPxVAsrarCBCHWvWwAaexPs_xoUkGn9zRlW7ZThL-7Y1hZ_MVxu2PKzqTWPZReHEt8iIMEUEMnhKHoHavk41JO90BYdssjLIc8MmwGpggxSE2YqkJOBv8xmg2zcR3PVVH8lx5RzMvldgtMDhN3O0b9NwOuDA-FhCqilh_fc1ZB2X-C5qrvabQN0Djx2KxqEGAWGVtMH-sCgZQO6uNo_FBk-8yG9SefC6cYpugTxBuw-_cWXx7UxO3yvTOICSfz-AAc2qnLxjiTQS8GBh36A7ZIU9BT8nX3OwbC5xHXFcnN3rL1b4LA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTAWoP1i9oMI8AxWWkW2gcbiK--_fvEfhmnyguT-973y664m1Kbk48kwOCXJcc6bstHbYa9BH7Gz-tEILMPMrEjGS3mSIn7hAcGP6ODTC7TP48SKkxzdJSJARYLbqlDglosWWHFzSwJH4SR0Pjpa5vvjUQdz3aQWad67lfXmcwbzpOqXtdQESYpvYmZ8LpHW-GvHv7sEyl7AfZa5DkaWOtHoeAOSf822Jr9InyroDGwnVeaZpGEvhhKUZYngo39egRVKb67ZFEdeJNJTjcW4Tq7PGE7-7BpacoFnJlGPD5LyHted_9sqF4hdQ9Xz_enanu9KlBFGA7KBnMXieNKxszR1xeJxxjEP8a61BDwCt03-nn&sai=AMfl-YSL0cDGVc7FtDC26vtk3BqTsNumDd_R1UOhjsMfwGm4-b7HEsSIlzta-98iMpFNA-GheH6_I5GByLdxjHpQbiv6jJT6Zg87zVEIhw&sig=Cg0ArKJSzE1JjHSWnXjoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 14:54:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DB97 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310300101&jk=2609265270235839&bg=!4eKl4q3NAAbo5yKYyOc7ADQBe5WfOFKJXii9LDz3Z_4b4bzwa06WwincPtoxC4qxsj1xCP41veAB3vTh3idN31Ve7bA_AgAAAjpSAAAAA2gBBwoAKor0e9AU9EVzQA6NEOgRcmQxq8uO5jIfeRIFsq7uVHjC602JTXuLTiXySJkC9spAdxdPYr0f3ptsIjmtjzo_mJqpV8NN0cuk8H71kooaYp6NzUibidVH7p49ZjpshZ_gBGjm4nQ_krczZ12BM1UOV-qPMgRV4zMVA4KrbIsztxnFLUsJSzdHkJ2PyBT2pctUauvGiFiXhgyBt1pBKYOi59dKx5b9e0xaFwTfxnahQc_mpaFWOKSYg21Rcmnjr1fuVLLRtH3WVUsLRk4dMFP3ed2IjRu3yCdawbiy5osF6Ya2o6nWw90Y7R4ce4YhxDQflvE8gvBi2bNSZfOAD_f8fXt0_oJZLzP1UMZnrppw2cRAsSpBE_QUIAutFLbIWculByW20kvtXxPgKTjojA3tKf_6e62DGj2wAI3VQAmNO1ZOUqB7vHcZt1LYxgeY5Ym0XKuO22aVBU4f67SZ2S7yttt7cv0ds18kN2wbb-ZA-S7-dLX-_RI4tESwF5GVACjArYb-gWgyyA88JVF01SKqRrctQ_cMWf8RlSoHcJBNZEwCZCdQT4n9-_ruu1eL5Nxk790EqPW1KO8qSCfsgHpL-F-tya7oWL93TpDT7OlDZM_Mx5ZlOjcXo89CqVBmRb7zG7TLm6DpeSRpURqTM4iUbOVXeONHTSKnXaxBkbsCqIDYOuTmvDUlJX2jw3BsE9KmERosMgnebeE9m9p55B4zq-y-28aDEsDkHVqa0LY9qJDmXDYbDRmkY8oIUw68F4IJgGuC_jkG1cMj91nxYWltOtVRUYG86FlG3hoEO9jxM41U7vCzJHcW1hkX56qbzUgpQV0ZqyBjy1l95YH5vHsqsHhLnoag9bf7ohBOF__4nJ9fKOBv-tttAZ3a6czqh7z96kNrbzvAKzWbjSiAsB6fk_ge8pIL26V0poiopUfBHeVAgdtbJ-DcwaS_T2_S7qTm0uueHcxxGiUlKcvvLN_cW5CgXZGbHGSITmVN9J8lexskC1X3i9fZipcnSfdN4D4TM8Mo_MlCIlbvYQE--Qd7YEcTGzET_XkP4ZQadOJ5ZyMb2tM9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698764070966&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1564&pt=64456775&tz=60&viewable=true&ddast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
eb4128b7cdb628d604eb98f503bbeee9d3205966b174326903857c197aecd99f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:31 GMT
content-encoding
gzip
server
nginx
machineid
1460
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3ap0v886690812&_p=335915574&gcd=11l1l1l1l1&cid=941611089.1698764064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1698764066&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxiang-ti-sheng-nan-xing-mei-li-zhao-mie-liao-tian-lao-tong-xue-xu-jiu-gao-gu-tong-kuang-biao.html&dt=%E6%83%B3%E6%8F%90%E5%8D%87%E7%94%B7%E6%80%A7%E9%AD%85%E5%8A%9B%EF%BC%9F%E6%89%BE%E5%92%A9%E8%81%8A%E5%A4%A9%E3%80%81%E8%80%81%E5%90%8C%E5%AD%B8%E6%95%98%E8%88%8A...%E7%9D%BE%E5%9B%BA%E9%85%AE%E7%8B%82%E9%A3%86%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 931A 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=-2&tvi48=10143&tvi50=12238&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231031-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
62
date
Tue, 31 Oct 2023 14:54:31 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59167
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230065-FRA
pragma
no-cache
server
nginx
x-timer
S1698764072.703742,VS0,VE62
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 931A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46909955&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
25d7d7e5e38e23815aee53addda32ec840413e34833fcb82aa5c24f4126efc74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 31 Oct 2023 14:54:31 GMT
content-length
1479
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame B0F7 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 31 Oct 2023 14:54:32 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 8D9D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81ecbbdf4abe9bdc-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 31 Oct 2023 14:54:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81ecbbde09979bdc-FRA
content-type
text/html
date
Tue, 31 Oct 2023 14:54:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
236
pubmatic
ad.mrtnsvr.com/sync/ Frame 91AB 		0
0
pub
matching.truffle.bid/sync/ Frame 9947 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 31 Oct 2023 14:54:32 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
ImgSync
image8.pubmatic.com/AdServer/ Frame F8B9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2DCA60587CCB4E3CA2C521D7AD5406E9&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 31 Oct 2023 14:54:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 31 Oct 2023 14:54:31 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 2CC6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6763817689
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6763817689
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 31 Oct 2023 14:54:32 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 31 Oct 2023 14:54:32 GMT
etag
RX1e5f4efd420e44fba41e0d169105e820003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6763817689
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame 84AB 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.237.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-237-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Tue, 31 Oct 2023 14:54:32 GMT
mw
mwzeom.zeotap.com/ Frame 931A 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81ecbbde196c5c38-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 931A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A01F74C6-5714-45B1-8E9F-B6A125E3E453&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A01F74C6-5714-45B1-8E9F-B6A125E3E453&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A01F74C6-5714-45B1-8E9F-B6A125E3E453&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:43 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:42 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A01F74C6-5714-45B1-8E9F-B6A125E3E453&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 931A
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A01F74C6-5714-45B1-8E9F-B6A125E3E453&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=9ef5ca8c17568aea
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=132dbe81-4ec4-4486-730f-10d65dffbdb4&reqId=ff98a4a1-18ae-48a8-5036-99dfc54acd3c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN3xm07rfyFD5D_WiIi1ge4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=132dbe81-4ec4-4486-730f-10d65dffbdb4&reqId=ff98a4a1-18ae-48a8-5036-99d...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEN3xm07rfyFD5D_WiIi1ge4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=132dbe81-4ec4-4486-730f-10d65dffbdb4&reqId=ff98a4a1-18ae-48a8-5036-99dfc54acd3c&zcluid=9ef5ca8c17568aea&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81ecbbe06b185c38-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEN3xm07rfyFD5D_WiIi1ge4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=132dbe81-4ec4-4486-730f-10d65dffbdb4&reqId=ff98a4a1-18ae-48a8-5036-99dfc54acd3c&zcluid=9ef5ca8c17568aea&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CC45 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61006359&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 31 Oct 2023 14:54:30 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame BB49 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 31 Oct 2023 14:54:32 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame 632E 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A01F74C6-5714-45B1-8E9F-B6A125E3E453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 31 Oct 2023 14:54:32 GMT
Expires
0
Pragma
no-cache
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1698764073874&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1564&pt=64456775&tz=60&viewable=true&ddast=V8FNMCLAb0wbEiL-jGhxHog2NFXtCNDysAAABgYID-AEnMXJvNcrRYqza-wVo0m9jWEsvIuFYulrONaTfbOFceIyCJmWuzWY4Wa9XGN1iLZhPbWmIZGdfKxXK2Me1mG-fKYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ2aDodPte9Xvf73SU-z1zj9yv8wqfD7nOLnm7N0WX3ueUOu1v4tPvcapfTLXa6pUeH3612utxip8PvFj0ddrfY4XeL_nafW_h6uYWvt9TpeuscfrfO9Rb97T631vWw-9wSp8NvF5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68B4JkDwhgdbovZb_cHAAAAABAAAAAAJAAQ0A9LAMQY7534_________48xQJ95I-P_____hkEPgAcfAA9CAAAAPoYEwIFP2Z-Z0xIpOC7CCAAAAMCwc5rgkUk6QcWiyv__f78VgCsAAAGLhjqGr1l0ByXewgAAAAiMWaCHxe83O-wav9tl_v_________N_J_5RyO044GbBmi68EPNLyAAwJpfQAAANuoGAOCNAJygQ9CKwWB1AmJ2AAAAAO78____6wHJwcowc2wmg4XN5BoOB8ONa-aZrVwLk2dlWw1m3hPvPGh1_LV932dDWGa_76CgnJ4es8sgY7lMBvFBw7CcDIL5mbDFaDWZbJbD2XIxGQxHw9FofwRwOUATMVguJ5PFZLcarUab4W40GyyQQAwmiKJFg8lqNJosJsPVaLKaLRe73QZRtGo1G20Gw9VsMtvtVsPBcDkaoQlbjFaTyWY5nC0Xk8FwNByNhgjmVqvlxGHzrRWu1WQtGm08a-FyYnMLhoPhyjObzYYjj1v0-pg-noVz4TBskWAA314kT4t0oluMFsuZZTcYuRye5WqwsYxWlsFgM1uZXJaJyzURSzQni3Qiu-ybg5Vh5thMBgubyTUcDoYb18wzW7kWJs_KthrM_L3Vajlx2HxrhWs1WYtGG89auJzY3ILhYLjyzGaz4cjjFr0-po9n4Vw4DPvGbDnczUaD2WjfmC2Hu9loMBvtO3SG7-pzNirLKslHaJ5pkx9pzWlQuAwW70t9Og8LxoL67Dk6hR7Ps6gz-v1-v9_v9_v9fr9B6zmYDQrf8_AXTh_LczmcjR7EBoMilggu0ongYXY7TC-3xOfZ-C1iidJ0kU70Cr_w6bD73KKnW3N02X1uucPuFj7tPrfa5XSLnW7p0eF3q50ut9jp8LtFT4fdLXb43aK_3ecWvl5u4estdbreOoffrXO9RX-7z611Pew-t8Tp8NuFprfZIpYIThfpRPQyni7qP3qI5WouGczmisFqrtgMVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SZgJYr7____HwcAAEBGDj0AAAD6fUBYIUeuFHrh_ApiMtkM9w9AhVir1ep2Y61WK6DBrJajzW4C_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist7-out_vB!adxsub-out_vA!adxsub-out_vB!esv_vC!rbcatc_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
eb4128b7cdb628d604eb98f503bbeee9d3205966b174326903857c197aecd99f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:33 GMT
content-encoding
gzip
server
nginx
machineid
1475
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame C25E 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CLUUUJBVBZfC-BfyX9fgP68ebqAXZj_Lkc6-_wPXqEfjbm9bcExABIIDP1Hxg9ZXOgeAEoAG7terWAcgBBakC-HUkfi3LST7gAgCoAwGYBACqBOoDT9CpTTJ_uZzIg7OYSRRDLewb14miYmpFbE528OK0eWXWzJmLSJS8s2RSo06nciA4LGgaXTSZL8LgDEDZyRziotlVIhj7IZJ5I7OymOCPoyRkFvyL1Tt_FgoZUoo6OEFeZsri3yAggSL_ZwwuMiQ6u9E1BvxLg0dPvg9Qij8mVFkKXtYHtarnYDfe9M-ps4CqyW49QcXti_qvN5h2nlvWsucainPbOxof-nl9lChbgqdXgsBa8sVCwyqAKYEAyZKiSknWJC4rdd2sN2FxLJLn7md6eErJZhu0wes9Ptxws6ilPrsyaRtLlWo6QdwPnBbYCZ6UX-kkNswSXv4bt4XbyUujCpXFpMB5UuXeUQ_v_WIpMDTM3fXWgJzaTOhLpJPaIHgqalVtKXoNhphgOCDi7p8EZ9d0nvmwaoNpmAIGouyTGokZZcp0Y7NvXHH1eXq9ltax6QqKy1DQXNL17kxLis3jetufWTeYQ3JyF8tK0LFxdFVAD7KpqcX81-P8zC6LEd8nlLdM5q1bflFAwIvx0-W2ykSkIyQ2JbLqykKngEV34vVlVr0e6mbV-IlO-7otrww9EszWL6gxn_w0RqJnuZUkN-C-B2Igpvj2gyk1Rm8DwuwqH1rRNo9aP8fW6Um3vHJXZLkpfWnty8AE-qLyqcsE4AQBiAWV1LqxOaAGVIAHrcqVqQKoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMDCoKCgjktLEC7rWxAqoNAkNI4g0TCJzq1qbFoIIDFfxLHQkd6-MGVdgTAtAVAZgWAfgWAYAXAQ&sigh=kZjV-2yswIw&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=video_skip_shown&ad_mt=5097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 14:54:34 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 931A 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:54:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/b4690b480b451bf4b0769fbc5d35b134.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/5bce03c10680437adb6c019699e6216e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7bfad1903450e5d570f3a1ee1f7ea927.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d3c4d85a866e33aca295c6304a0b1098.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/51fbf36abb40ef2fd9a12a381a5a5d81.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/5df09551d4e6bdb90dfe768ef4687789.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ea911093a75d9b12fcc5e6275540a3c7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/79401d002e29cc5104dad08d989537f0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/7afbc44ea234fea2e126543815919a8d.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/58c54f35beb14898795fe84cd8d0998a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/7325087fbe0fea2520333356dbc808af.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3c53a764b4fad74307232fd78eef9fde.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2d7c8ae313582ee88ef692382e1d2fef.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/1779145f141e134a1d6c84f930a2dc91.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0d96627f9f9fa072f738109b0b515edb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/54e377ee13bb445cae0ee70376de061b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/de603c26b05bebcb407336b4027fc667.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2c0a716c2c226ad6ad1397295d47329e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/58debebcd91f06a260d5c9b9e01533ba.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f85f44f8e05d695c8ae3e793839db024.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/059a40e394768dcd5943c283b87b53bb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/33808e04789c8b2d47342d359995fbda.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/ef77deaf27f5adadf4320c3c86d6cd85.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/0b8d2d42b484f278190928355561de88.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8a9866fb8e69b5923872d3feb58b598d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8196c340da7ca499a9f763518f4b2c3e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a8033bc7a364ed6186779ce66d6e603e.jpg?w=150&h=100&q=100
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:20e14219-bc79-4aa9-acbb-38c1d5f70d98&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP function| _statcounter function| _typeof object| TRC object| _tblConsole undefined| msg object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue object| adRecover function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing number| google_unique_id object| ucf object| request string| paramsString undefined| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| aries object| google_reactive_ads_global_state object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries string| nam object| placementData object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo number| vidverto object| regeneratorRuntime object| aries_registry function| quantserve function| __qc object| ezt object| _qoptions object| cmTag function| inView function| VASTClient function| IMA function| VidvertoPlayer object| _cm_wfCounters string| lastWfUrl object| vpbjsChunk object| vpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| _aries object| inViewWindow boolean| descriptionPage object| vidvertoPromiseCache object| closure_lm_688315 function| startCMTagMain string| category object| google_ad_modifications object| google_prev_clients function| shuffle object| entertainment object| arrToUse object| playlist function| VidvertoPlayerVideoPlaylistUI object| closure_lm_86512 function| OvaMediaPlayer object| closure_lm_9839 object| googDdmPs object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms object| google_image_requests

198 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgjSARCxFgoGCKIBELEW
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1698764064.97AAFC03A66D4F84EA2B2A2FB91C8899.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1698764063.0
.statcounter.com/ Name: is_visitor_unique
Value: 1698764063446252339
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1698764064.1.0.1698764064.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.941611089.1698764064
www.bg3.co/ Name: __AP_SESSION__
Value: 419b1e88-8d5d-46f8-817c-f43635b6c913
.bg3.co/ Name: __gads
Value: ID=b9006376001d9785:T=1698764064:RT=1698764064:S=ALNI_MYqwA0M6cyUwPLq-7_IJqS8H0YPPQ
.bg3.co/ Name: __gpi
Value: UID=00000caf8311e983:T=1698764064:RT=1698764064:S=ALNI_MZgOXJZPjiP8Dpzft0WXyqThEUK6A
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D7559baf7-a552-44c3-89bf-0808e36668dc-tuctc3a9aa0
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 6a9454b4-fd18-4756-98a3-7508aff95eb3
.aralego.com/ Name: sspid
Value: d113ab74-8d0b-38ac-957a-7d347521fe17
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3765797799554591622
.doubleclick.net/ Name: IDE
Value: AHWqTUnQX1CGRdPlpzKnS_V1-pcapu6Xur3oZnZHIKhDBdhjkNDa_WaAlsavDWjUVKM
ad.vidverto.io/ Name: moxuuid
Value: 85136c70-477c-470d-8197-ff16ffd78f18
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1698850464
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1698850464
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1698850464
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1698850464
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1698850464
.prebid.a-mo.net/ Name: __amc
Value: 1_1698764064_1698764064
.omnitagjs.com/ Name: ayl_visitor
Value: b0ce368651a755b519f599af3a952f7e
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwoaqEqgY4AUABSAEQoaqEqgYYAA..
.adnxs.com/ Name: uuid2
Value: 2447243403012636083
.quantserve.com/ Name: mc
Value: 65411521-2072d-81a7b-61773
.bg3.co/ Name: __qca
Value: P0-1207789840-1698764064882
a4p.adpartner.pro/ Name: apuid
Value: c0ecd9ed-b270-41a5-8fd9-076e26c977a5
.rubiconproject.com/ Name: khaos
Value: LOEG9HJE-1C-LMHU
.bidswitch.net/ Name: tuuid
Value: 9b45e93c-af27-4e01-ba3b-f5b8983d2c33
.bidswitch.net/ Name: c
Value: 1698764065
.bidswitch.net/ Name: tuuid_lu
Value: 1698764065
ad.vidverto.io/ Name: adpartner
Value: c0ecd9ed-b270-41a5-8fd9-076e26c977a5
.teads.tv/ Name: tt_viewer
Value: 5b4d8fc5-d994-424c-96ee-e9656421192f
.aralego.com/ Name: euconsent-v2
Value:
.criteo.com/ Name: uid
Value: 4bdecd49-3154-492a-b181-bc5ba0cecbb2
.admixer.net/ Name: am-uid
Value: 832bc8e760de4f69a1c4e7794690f17a
ad.vidver.to/ Name: bidswitch_com
Value: 9b45e93c-af27-4e01-ba3b-f5b8983d2c33
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBCEVQWUCEMWUIHXO1_BgYjUAO9fpdiYFEgEBAQFmQmVKZQAAAAAA_eMAAA&S=AQAAAs-4zM1_8wHLI00aRvt3UwU
.linkedin.com/ Name: bcookie
Value: "v=2&93b96ff4-c532-47ca-80c3-3a26dd4ddecf"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTg3NjQwNjU7MjswMjGKBYs/7/mzuBjoNl72UlZa2WG28e2rHPsba/x6Wmjd2g==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2662:u=1:x=1:i=1698764065:t=1698850465:v=2:sig=AQFIdcAD861hpKvivQVdiYz8VFxy83oC"
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2E?e=$m^k!@wnf-Te9(S@mqC2lWGcn<f>pH]%0E[gcm#qk:>G1c6pqg>8GZP-HC_#tt6#(BO7-
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPRUc5SEpFLTFDLUxNSFUiLCJleHBpcmVzIjoiMjAyNC0wMS0yOVQxNDo1NDoyNVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMC0zMVQxNDo1NDoyNVoifQ==
.bidr.io/ Name: bito
Value: AAC5dU7KgioAABfIVHASlA
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1698764066010
.tapad.com/ Name: TapAd_DID
Value: f8d21c5f-41e3-46ac-95c0-48f3ffdac211
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.primis.tech/ Name: csuuid
Value: 654115222033f
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A7t8wUSTuEBbszCOfOtKWqQ
.ipredictive.com/ Name: cu
Value: d6a7516a-d2a5-410b-987c-9f507af44a7c|1698764066426
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1698764066.1.0.1698764066.0.0.0
ads.smartstream.tv/ Name: DID
Value: 1758f9500c97766912b06a3c40ff96ce
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
cm.adsafety.net/ Name: UID
Value: CM120231031141ec5251ef8f6c5457ea
.adsafety.net/ Name: cm_uid
Value: CM120231031141ec5251ef8f6c5457ea
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvb2w2NDBIVWtiQUtKVWVMd1BUN1ZkWEhYem5XK1NCODBmUjhyalhaeDdPWVN1b0RreUlXMWlBdGFYazk3cTJpQTNoRC8rbDB1MzJyNUJzNC85VWNUS1AzaWcvVjdiZ3ZyVlYxSUN6SGR5R3JSWnZNOG9yU0tJUjR3c1VOZFdYSDNkekVzV0NMQmo0OFh6OTk4SDExQW4xaUlkUlBCRjNzVlFXTHkrbmFDSjdBY25TWCt1MHdRbEZDMmJJeVZpVXMyTmJIWm9ENTdTV3k5d2JZdGV4cVpDVWRYYmRtSE5rQXB3cWtKVGhReU0rMW90OGZSK0NRSkZZbElzZVVVbHRjYVBNMWFOOGx4YVl2L3ZMMDZ1UTMvdEFEaStvUm9pWU5IT2xxWVZTQjRCY25tRkFCR1BqbSs2U055a0FkbU5Hck5nPT0%3D
.www.bg3.co/ Name: _im_vid
Value: 01HE33N4AP30A3SNG1MZM79HFM
.bg3.co/ Name: cto_bundle
Value: yVs-UV82dEdRR3dTRjhJR1dhMktudmFXQmJHWGhPOEJBUEhhcVBSWlF3YXBmRTlYc3ExZm1zRG5SZjVYaUpzUHdEbiUyQiUyQldnSEwyZGx0TXdnJTJCV013eUFSWDQ4ekg1NW4xUGZVZmVpTHIlMkZ2MG53Nmt3NlNnZ2w1cVFoZjAyUEdNRlpNblJ6Mnd3WEdHNFdaTiUyQnRDeXZhJTJCS3FieWclM0QlM0Q
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-10-31T14%3A54%3A28%22%7D
.casalemedia.com/ Name: CMPS
Value: 5293
.servenobid.com/ Name: pid_337
Value: y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
.servenobid.com/ Name: pid_339
Value: y-QQo7zT1E2uHGLDhgpVk8MaAc.__DlhjAwQe68sA-~A
.servenobid.com/ Name: pid_312
Value: 2447243403012636083
.casalemedia.com/ Name: CMID
Value: ZUEVJUQS5JXaHCYGXqdF4wAA
.casalemedia.com/ Name: CMPRO
Value: 5293
.lijit.com/ Name: ljt_reader
Value: HlBevRZHFUfbqa7HQBikmzIX
.gumgum.com/ Name: vst
Value: e_6f3a892e-7476-413d-8bb9-64234d4d8185
.smartadserver.com/ Name: pid
Value: 4357037334949060290
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjAwNDYyNTE1MBXiM9T19vUxdPE28kn3SCwCAFkCmFYlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjAwNDYyNTE1MBXiM9T19vUxdPE28kn3SCwCAFkCmFYlAAAA
.servenobid.com/ Name: pid_333
Value: ZUEVJfR4DtR-Kbmzt7gnpAAAFA4AAAAB
.servenobid.com/ Name: pid_324
Value: 5140084928013254505
.servenobid.com/ Name: pid_310
Value: HlBevRZHFUfbqa7HQBikmzIX
.servenobid.com/ Name: pid_317
Value: 4357037334949060290
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_1c872633-0ef4-413a-858e-87b62aa39aa0
.creativecdn.com/ Name: u
Value: RmUd31MLs7eUvNzo6Awi
.creativecdn.com/ Name: ts
Value: 1698764069
.turn.com/ Name: uid
Value: 3376923166007774755
.servenobid.com/ Name: pid_309
Value: e_6f3a892e-7476-413d-8bb9-64234d4d8185
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A01F74C6-5714-45B1-8E9F-B6A125E3E453
.go.sonobi.com/ Name: __uis
Value: 2bf8ccb3-b355-488e-bda3-83693e025ff1
.go.sonobi.com/ Name: HAPLB8G
Value: s8553|ZUEVK
.servenobid.com/ Name: pid_353
Value: 0000EEA
.metadsp.co.uk/ Name: ruuid
Value: 7b44d321-9916-49e6-832f-875b04695654
.metadsp.co.uk/ Name: c
Value: 1698764069
.metadsp.co.uk/ Name: ruuid_lu
Value: 1698764069
.demdex.net/ Name: demdex
Value: 82290695645675703784207285975771332530
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-0ba4538e-8ca4-38b4-9085-cbb0be76a916
.minutemedia-prebid.com/ Name: wrvUserID
Value: V2OLw4a-kp_mm
.yellowblue.io/ Name: wrvUserID
Value: T8ORw4azCp_s
.contextweb.com/ Name: V
Value: DPWjjnhlS1Ij
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: de34da4aaafbfb52
.servenobid.com/ Name: pid_332
Value: 2bf8ccb3-b355-488e-bda3-83693e025ff1
.dpm.demdex.net/ Name: dpm
Value: 82290695645675703784207285975771332530
.3lift.com/ Name: tluid
Value: 3442246116530153603786
.servenobid.com/ Name: pid_348
Value: V2OLw4a-kp_mm
.servenobid.com/ Name: pid_352
Value: T8ORw4azCp_s
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003%22%7D
.ctnsnet.com/ Name: cid
Value: e992795b38b5450cbf7a9471e0b1c6d9
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~2ese:175w~2ese:18z8~2ese"
.rqtrk.eu/ Name: browser_id
Value: a6f0cba5-9e58-455b-92d2-0b2260d1b377
.smartadserver.com/ Name: csync
Value: 80:SUPwgE5D9oBSRPSGTRLpiU4X89NSQPWGSEUJZMCQ|86:2447243403012636083|127:AAC5dU7KgioAABfIVHASlA|150:0
.servenobid.com/ Name: pid_321
Value: RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003
.servenobid.com/ Name: pid_316
Value: A01F74C6-5714-45B1-8E9F-B6A125E3E453
.adfarm1.adition.com/ Name: UserID1
Value: 7296136119996512409
.csync.loopme.me/ Name: viewer_token
Value: 3cae9b2b-b384-4b8a-a265-370768db6e46
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7296136119996512409&KRTB&23369-7296136119996512409
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3376923166007774755&KRTB&23150-3376923166007774755&KRTB&23527-3376923166007774755
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3765797799554591622&KRTB&23263-3765797799554591622&KRTB&23481-3765797799554591622
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2447243403012636083&KRTB&23339-2447243403012636083
.adx.opera.com/ Name: UID
Value: OPUcd7d83846cbc4bf7bbcd2f4622650f8d
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUEVJQAAQw9o3gBH
.simpli.fi/ Name: suid
Value: 2DCA60587CCB4E3CA2C521D7AD5406E9
.weborama.fr/ Name: AFFICHE_W
Value: 1DMQcfzVKdbU24
.ads.stickyadstv.com/ Name: UID
Value: fadb51c9341f022911b67d771ee3e63
.sitescout.com/ Name: ssi
Value: bcac1c91-5988-42c1-b9e2-49bb8fc304d7#1698764069775
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084928013254505
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs&KRTB&19420-5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs&KRTB&22979-5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs&KRTB&23403-5zbg0eA25tH8MeTX42f52OBi44L8NeXX5jByHDEs
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMppDb6C35J4XVXiHbL-HmE&KRTB&23025-CAESEMppDb6C35J4XVXiHbL-HmE&KRTB&23386-CAESEMppDb6C35J4XVXiHbL-HmE
.liadm.com/ Name: lidid
Value: 33876c72-9723-45c4-944b-a937d75e249f
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.de17a.com/ Name: guid
Value: 1.3774270476419636622
.dotomi.com/ Name: DotomiTest
Value: 571e0c8e1cc31615
ads.playground.xyz/ Name: connect.sid
Value: s%3AY7_REWgbcADxKzWf5LGUp7QothhJtTp0.LnF8OH81YlozWKU93lst0rIXyRHI9ILBU9V7kXExfYs
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nq9|7dN.0.AAC5dU7KgioAABfIVHASlA|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUcd7d83846cbc4bf7bbcd2f4622650f8d&KRTB&23485-OPUcd7d83846cbc4bf7bbcd2f4622650f8d&KRTB&23524-OPUcd7d83846cbc4bf7bbcd2f4622650f8d
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5ODc2NDA2OTgyNX0
.richaudience.com/ Name: pdid
Value: 0481b95e-e7c9-403d-93f9-1zz1698763983
.zemanta.com/ Name: zuid
Value: v4fffpB6rU08YIjKlodd
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 48237484-3cf0-5230-bbe4-d491dea5c1b4
.audrte.com/ Name: arcki2
Value: c3bI6x5MgC0Tp6Ljib-YvZKWw!20220908!1698764069850!ip#195.206.105.130
.audrte.com/ Name: arcki2_pubmatic
Value: A01F74C6-5714-45B1-8E9F-B6A125E3E453!20220908!1698764069850
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-bcac1c91-5988-42c1-b9e2-49bb8fc304d7-65411525-4348&KRTB&23418-bcac1c91-5988-42c1-b9e2-49bb8fc304d7-65411525-4348
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48.JCcfjuMwD9%2B%2FjACaeRj%2B3FDW%2Bgzbg4SxbDs70OduvNE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-92700a2f-2a32-5f4b-73cb-76eb9b3cac48.JCcfjuMwD9%2B%2FjACaeRj%2B3FDW%2Bgzbg4SxbDs70OduvNE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AknAKLyoyX0tzy3brmzysSMPOaYI.0z2io6TcFe%2Fv64DFT3KLYaUeBE9%2BiYELy6042ZG%2Bxug
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AknAKLyoyX0tzy3brmzysSMPOaYI.0z2io6TcFe%2Fv64DFT3KLYaUeBE9%2BiYELy6042ZG%2Bxug
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 71f2983ac7677acd3b9726cceb7f1ba3
.rqtrk.eu/ Name: rc
Value: 6:
.onaudience.com/ Name: cookie
Value: 9ef5ca8c17568aea
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3774270476419636622
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAC5dU7KgioAABfIVHASlA
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIICPG5F7edANf8NXlAAAAAAA&KRTB&22713-AAAIICPG5F7edANf8NXlAAAAAAA&KRTB&22715-AAAIICPG5F7edANf8NXlAAAAAAA&KRTB&23519-AAAIICPG5F7edANf8NXlAAAAAAA
.betweendigital.com/ Name: ut
Value: ZUEVJQAOUBD90lnmQRGiMFbnUAq-MyH2Fes5uw==
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-knAKLyoyX0tzy3brmzysSMPOaYI&KRTB&23334-knAKLyoyX0tzy3brmzysSMPOaYI&KRTB&23417-knAKLyoyX0tzy3brmzysSMPOaYI&KRTB&23426-knAKLyoyX0tzy3brmzysSMPOaYI
.audrte.com/ Name: arcki2_ddp2
Value: c3bI6x5MgC0Tp6Ljib-YvZKWw!20220908!1698764069984
.openx.net/ Name: i
Value: a79fe92e-d2c1-0a1a-1f9e-4e773bfe48bf|1698764069
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9b45e93c-af27-4e01-ba3b-f5b8983d2c33
.richaudience.com/ Name: avcid-apn-uid
Value: 2447243403012636083
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEqjuYjyQz_VLUAeYdbPu5fEnrSJs5D4OZz4mx3aVJt1EHwYBCClqoSqBjABOgTwi70wQgSY6yLd.UwIAs4ZpDRng2gtA3wdSJAQWnWzmWYOKVuw6WJTeu6U
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEqjuYjyQz_VLUAeYdbPu5fEnrSJs5D4OZz4mx3aVJt1EHwYBCClqoSqBjABOgTwi70wQgSY6yLd.UwIAs4ZpDRng2gtA3wdSJAQWnWzmWYOKVuw6WJTeu6U
.openx.net/ Name: pd
Value: v2|1698764070|gen0vNvQiygu
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-tk2EoAPtRnMVjgSjbTVUSgng
.pubmatic.com/ Name: PugT
Value: 1698764069
.bidswitch.net/ Name: custom_data
Value: 8726y19tb2pmSUdMMm5RJTJGSHhQJTJGSTdjek42S082QktDUVd5Z0Y1ZTRKJTJCT2ZBcUZDSGZ4UG9YSTAlMkY1Y0hkczVpMnAlMkJhcEJSa1RoOUVhSkcyQnhSdHczRlM5VHEzZVRwdjVYYWU5a2FKYiUyRlVUUkFId1RYVlY1enpGdmRybXVDYmJDRFRrancwQWs3ZHJrQzRMV1JHbEJUMjYwJTJCY2hsR2J1MHBoZ1RDMXNuWE50Mm96Z0lUQ1JnNjlNblg5Yk5rZWJNVDJoRA
.quantserve.com/ Name: d
Value: ENsBEQGoKvijCJiTAA
.servenobid.com/ Name: pid_346
Value: ua-0ba4538e-8ca4-38b4-9085-cbb0be76a916
.audrte.com/ Name: arcki2_adform
Value: 3765797799554591622!20220908!1698764070129
.us.ck-ie.com/ Name: CID
Value: 9fb305a452447f30cfe6d722a51cfffb18ff8341
.smilewanted.com/ Name: sw_user_params_infos
Value: 4E3Xa56hNgi1KNHVWCpVbHjOl6nn710mzuuCm5h3Q9fWoT7QI8b6Mo%2BJY2PiIKJXa31km5G5mwHAohhq74Cv%2FqJAn5uz3EgJZ51qCFMaMZvm2qgE0IbNDQ0p5aL9%2BIgCESvAPpBMXAQHUB02aHQqPoDvhE7ci5fD5zk7GFJ7UmxOJhl7UE1A7cnijyRtiqRiQYn0n0yMtCvxAAwCqjPeQ%2BetZoEJLlZ5mu6ScTeNYqR3mSvH2YlA%2BbXKBhtmk3ZshwO6h2AzNf5TH1L41AGxBnBLEl%2Bqf0XOFZSTe2xeuczFvmhJ%2BBYBpZbzSzi%2FOPm%2FLZgQlVZlKPF7Tyzj5JHZTdQDJ93mhIyOlEERUpVaAgHDF%2Bg4Hwhc4%2FtIIBFGf56xXYBsj%2FKKPsG4hPkqk4uSP37Z6RiA5ZzGqeVha5220zyX71sI4VmYYa%2FPNX7hbPd4
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6AigLPK9xcYElqbBgMWySGKnddJL2ro259X+13DaoJuaM3xakPTa7j/X6utJr3FpsEhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.socdm.com/ Name: SOC
Value: ZUEVJsCo5s8AADDHjtEAAAAA
.servenobid.com/ Name: pid_323
Value: LOEG9HJE-1C-LMHU
.rezync.com/ Name: zync-uuid
Value: febba5ac-38b2-4c04-8156-fea2350cb746:1698764070.429616
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRHAIAgEwE_aIQMIB6YbYbQQK8_ufXB21fLVNLKUrNkoxUFnLx3OXWH4BDMDxsGv6YTgB__zt205AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlhbmZiYGZpZmw6SdgsLTUpKdE0MVnX2CLJSNck2cBE18LQ1Ew3LTXRyNjUIDnJ3MTMCqbJ3EDPxMjSzNBsljAvQszU1GIRKt_ylDiSRUbmBgABQ9TfeQAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOgyAQANC7zFqaAWb4XcYAHRPSShvRTY13r8uXvBPmr2xr7tJ3SPt2yAT13W4NSCeM9lvlBQlYE2KgaAJqa5gYGa4JhozRPn1uz_ssUkrmXJUNxSiqSCpodmqRbCxjLZ5c0i4G7wg9PshEpx1cf591JbQ.ZUEVJg.C4KDc7gDy0On2YQ1azgVzF-_IOo
.rlcdn.com/ Name: rlas3
Value: 629qV74feyhUsIhGEwhIYpbuCsoKJveUoBX5FfH8jaw=
.rlcdn.com/ Name: pxrc
Value: CKaqhKoGEgUI6AcQABIGCLrqARAA
.pubmatic.com/ Name: SPugT
Value: 1698764070
.pubmatic.com/ Name: DPSync3
Value: 1699920000%3A241_235_227_226_219_197_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1699315200%3A2_15_223%7C1699920000%3A55_166_8_254_22_243_204_56_46_233_161_13_264_238_214_165_21_249_99_71_234_196_3_81_88_251_54_220_176%7C1701302400%3A203%7C1700006400%3A35%7C1703894400%3A69%7C1699574400%3A63
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e5f4efd-420e-44fb-a41e-0d169105e820-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.ads.pubmatic.com/ Name: KCCH
Value: YES
.zeotap.com/ Name: zc
Value: 132dbe81-4ec4-4486-730f-10d65dffbdb4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.pubmatic.com/ Name: pi
Value: 0:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1698785672724
.semasio.net/ Name: SEUNCY
Value: F2C0922FA4E682F
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zsc
Value: %95%AA%DEx%280%AC%3An%EC%C0%B4%AD%A6%2CaYjv%9B%0Fpp%EE%B5%C76K%CF%D1%5B_4j%7C%BE%3D%0E%D3n4%BB%90%3A%B3%16%DC%1APh%80MS%F4%DF%C0%272%85%1D%87z%5B%1D%B8%C3%11%98%82%A2%EA%2C%A5%D6%BDVBD%CDp%2C~0
.tribalfusion.com/ Name: ANON_ID
Value: aNntmIyg6AbrA7u8PVN841vSbFwt36mUAVK6Lt0O9YKL5Ifn58vccjPZdESUSkrk4btGvjm7D3S2C8T5B3WaS0ovb

36 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202309/79401d002e29cc5104dad08d989537f0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7bfad1903450e5d570f3a1ee1f7ea927.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/51fbf36abb40ef2fd9a12a381a5a5d81.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ea911093a75d9b12fcc5e6275540a3c7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d3c4d85a866e33aca295c6304a0b1098.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/5bce03c10680437adb6c019699e6216e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/b4690b480b451bf4b0769fbc5d35b134.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/5df09551d4e6bdb90dfe768ef4687789.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/7afbc44ea234fea2e126543815919a8d.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/58c54f35beb14898795fe84cd8d0998a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/7325087fbe0fea2520333356dbc808af.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3c53a764b4fad74307232fd78eef9fde.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2d7c8ae313582ee88ef692382e1d2fef.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/1779145f141e134a1d6c84f930a2dc91.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/54e377ee13bb445cae0ee70376de061b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/de603c26b05bebcb407336b4027fc667.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2c0a716c2c226ad6ad1397295d47329e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/58debebcd91f06a260d5c9b9e01533ba.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0d96627f9f9fa072f738109b0b515edb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f85f44f8e05d695c8ae3e793839db024.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/059a40e394768dcd5943c283b87b53bb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/33808e04789c8b2d47342d359995fbda.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/ef77deaf27f5adadf4320c3c86d6cd85.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8196c340da7ca499a9f763518f4b2c3e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/0b8d2d42b484f278190928355561de88.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8a9866fb8e69b5923872d3feb58b598d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a8033bc7a364ed6186779ce66d6e603e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://capi.connatix.com/us/pixel?puid=LOEG9HJE-1C-LMHU&pId=11&gdpr=&gdpr_consent=&us_privacy=
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.adpushup.com/42753/L2EveGlhbmctdGktc2hlbmctbmFuLXhpbmctbWVpLWxpLXpoYW8tbWllLWxpYW8tdGlhbi1sYW8tdG9uZy14dWUteHUtaml1LWdhby1ndS10b25nLWt1YW5nLWJpYW8uaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com/safeframe/1-0-40/html/hb_native_image:77d28e1bf5eea66
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17e731cbde43e73ebd1ddb84bea4691d.safeframe.googlesyndication.com
34ea2439be446e598bd03737d8924673.safeframe.googlesyndication.com
4eef6f00ceaed3acf2e359b9bcdfe3a9.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.sitemaji.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
ads.yap.yahoo.com
adx.holmesmind.com
adx3.adform.net
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
audiencedata.im-apps.net
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
c.bannerflow.net
c.statcounter.com
c1.adform.net
capi.connatix.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cookiesync.api.bliink.io
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d.turn.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.yahoo.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
live.primis.tech
live.rezync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rr1---sn-1gieen7e.googlevideo.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shared.bannerflow.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
ws.rqtrk.eu
wt.rqtrk.eu
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
simage2.pubmatic.com
static.bg3.co
103.231.174.251
104.18.38.76
104.20.219.77
104.22.68.131
13.32.110.110
13.32.27.7
133.186.12.16
141.226.228.48
141.94.242.204
141.95.32.69
142.250.185.226
145.40.97.66
146.59.148.16
151.101.1.108
151.101.129.44
151.101.130.49
151.101.65.44
152.199.21.70
162.55.120.196
167.235.184.171
168.119.72.236
169.197.150.8
172.217.16.194
172.64.146.152
172.64.151.101
173.231.180.197
178.250.1.9
18.195.81.68
18.202.86.19
184.30.20.22
184.30.21.51
185.106.33.48
185.165.240.175
185.184.8.90
185.64.190.78
185.64.190.79
185.84.60.23
185.86.139.104
188.42.34.65
190.2.150.148
190.2.151.7
192.96.203.13
193.0.160.131
193.135.9.129
195.5.165.20
198.47.127.20
198.47.127.205
2.18.160.23
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
211.120.53.200
213.155.156.180
216.52.2.39
216.52.2.6
217.79.187.68
222.230.178.132
23.197.120.249
23.211.9.91
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b901:33b0:541:cb9a:ca14
2600:9000:211a:de00:6:44e3:f8c0:93a1
2600:9000:21dd:e200:1f:4c18:bd40:93a1
2600:9000:2250:4800:0:e06c:e940:93a1
2600:9000:2251:8c00:1a:5235:f980:93a1
2602:803:c003:200::31
2602:803:c003:200::67
2606:4700:10::6816:1857
2606:4700:20::681a:467
2606:4700::6810:407e
2606:4700::6810:5914
2606:4700::6811:c96e
2606:4700::6812:19ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2800:3f0:4001:831::2003
2a00:1288:110:c204::b000
2a00:1288:80:807::2
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:400a:8::6
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:c6::210:6568
2a02:fa8:8806:21::1690
2a04:4e42:400::649
2a05:d018:d29:3602:b6d5:6b91:e46f:a747
3.127.123.183
3.211.39.212
3.67.250.230
3.72.190.56
3.75.62.37
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.194.166.122
34.241.26.2
34.246.239.231
34.247.233.198
34.255.45.168
34.98.64.218
35.186.193.173
35.186.215.140
35.186.253.211
35.204.158.49
35.205.65.172
35.210.239.72
35.214.201.206
35.244.174.68
35.71.131.137
37.157.6.237
37.252.171.85
46.228.174.117
51.222.80.231
51.89.9.252
52.205.208.143
52.213.237.149
52.214.19.144
52.23.134.172
52.46.151.131
52.49.194.113
52.6.69.62
52.94.223.167
54.38.197.123
54.73.51.1
54.93.103.174
64.202.112.31
69.166.1.67
69.173.144.137
69.173.144.139
69.173.151.100
76.223.111.18
77.243.51.122
77.245.57.72
8.2.108.175
82.145.213.8
85.114.159.118
87.248.100.137
88.221.169.246
89.149.192.76
95.101.54.203
98.98.134.243
0229b8f7cef98381e5f09831075229b0d2a1345e745a52ea7647af903df4c77a
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04736547cedcfa3017ab9590abd5d0db741085ed9d45231d250355d3e910f73f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0541f15849954a50d8cef68ee82bf556c7746c867cf18350237b438557b18a3e
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
0d7ca87f6e389a371dbcd1dd579bbdfe40bcc54e157c2f3aecde2722662bc5dd
104fcc2fd6e3915827dd461fe6e067382a7603215b7dad6db6a7ad41028d76f3
128161533312fa79a057e50dfaf61f7ab9b2d44c4be01fb22d125b1b2e3c23d9
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16451b410da7e2e5795bc39384f40bb5da9c5049519689afeb4b936a4ec7f6b0
179b7e1951da161ed13c7877025515b1691a3b7576df631bccb401368c7be9cb
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19357ba4599338efef8275b32f7810565385f2aeabdb8a98fe7ee2c2576cbbb7
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1a7af48d2ba500b47a74510b60e7de2393049cab03c78d380573f25d99161bc2
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1d2e8de8d05446a49a58d8b8af9bc4698dbd4a63c4083d893ec232b1f3b0defe
1d5689bea7fef395b56ca5de0d36d6d081214da4703970c9e547a3ed0b84b445
1d97ed55854b9ba2188b903f4784395c01e93f77ae489172e8fe6e1be4ad61e8
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2184ab8caeec4854f105785f0bbf7ca0c91d0ce66b9c8324fedad90c872ca22c
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
2216d34c7dcc4c1ae0ca523ef5c72e2588979ca3088f78f649be0d5288da27f2
255d064cf8686e4154dac32e6f6ba8143ec1ed434e203bdf341bc64ccee2f482
25d7d7e5e38e23815aee53addda32ec840413e34833fcb82aa5c24f4126efc74
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27a91da912b7d55b674d7e51169624fba807e89df16c07fcd62ef55544abf77c
27cec687542bed4488663d01cce652836eb85f2f5fa769c0d997454350cc6b2e
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2964c170ea0c2506aa35751385943bc7fbf32641578c66f94365bc3025e8c142
29cc53c94045f5992fe796c8c978b1c06e691ad2509afcbbf9fcccd09a748944
2a6c848d45a865f0a39d9b08c6f7b2e1b870d4edbf1955b67a78cda5ec6bc55a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b7e24f8e24d7e050c4c2cc70e84d1c0348f3df7a1262f080e3488c5800d154a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
33835e01945326ec06398086fa8580c6045acdf38f8aa21bad8c790282d63ff5
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3775f3cc2872758f7bd29c856a60d4e55a35aebdfe51f3cf9645fc7ee3049328
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a87e77ec3b3a012b4037ab4168ab0e7ab7ad7a8cdf77798bfb9d882d04e60f3
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c75025cc0d5b1810cdabbaea50b98c01ea6cab7d8578ae3def95c4b6116f512
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3cc4594d1a5d86f9744e69a83224e4fb501d8a09ef18d4824b58f94ebe46e2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41dd8c49076ba5c73db693c6f14c1c3fb3013105556201a7a6d8218496802945
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
431919aa163afc4f5007d7f57f63c1169c466fc6877ba80b0dba40f2eb9c8c2c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44590d715648a4e9c3bba8238e611ba07c8469581e0beece4e0a773bc8745f3b
45216dba89e6a2e7582cf2330c6644e9734fa99fef1866c32fc23a7a04dbaf72
4551fcd9dadcc112744127c0bb2d260add603b57093cfb2f30e29852f3c57b87
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46bada42c52a43d863522d51939052e4aeebf83dd89011785b5738b3534aa706
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7d664bdd0d9e9c6dccf6ca99899d0e3e4cd1fea23ec834bc6ef5577c98bdb5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f4ac785e6eea82163d9c1a34c24f5b2f671e0620e8aa30eb7b478a3ad559c55
504327d812a644280bb0e65ce52a752b6f04baa8de92778a8acfa23a96aa597b
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
5249da1260da099cdc4e8e2b811d4c0cd740f47d662dd90ff2106e86f0e2c6f4
53822990c924d204a15e37673d6c36b4589c9a412a83d879ef2a9124b0ae16cc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6
55d4cf75157fb705cc72e03673dddac908a23428acaa85d6e3357a48bd036d2d
56b2dbb7c2afde1b2aad1a71fedfa0dfcb9ec542de73e8859cee0a8a237d3d6c
56cc71004ff508068962d6cc538685227b648aa0b5f225a72b1d8c5cb66b5bd2
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5af0dc859041c89bf851237f7f3a1e5ecacf33d3ca6b639b56c5ec08e6e9add5
5b78162f8769a076a8a1b6410a6cbff12c3b09919848817de4d8d89e9fc34fd5
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6649db4b7a29bc5f4e73c81c43756ee8a218bf29ce8085cc6a86b10a635d38d9
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6df70a849c4a12e556e5aec07b3b843f61b25f07bb04bf0f2504c1de2ea015a6
7392d9a331bcae6600820deede9b2762a9c4b1938cf8098f70658cf6a1dd388b
73e487e250b1fd7d9c2a638a3532f49c96e958845e79c3f0542f77eceeac5427
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
76e60e5d5a5ad4fc62e95a05f4840d8b07bbb7a27d130436b22f662424f68807
77bb103ff778fd363368a2973e28d69c46911b17d6bcb65bf0d126e893031966
79435c78f5700a51da5339350b2c640153fcb817d0a7d328b5a53dd3f71252c9
79800f3b00da5826f662b804105879cd9a8013f90a89d825e6675c0a9abdfa8e
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7eb814d1aa98f935061661cc64e9d2b7fb33abc57d95584fa341167014d47b51
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7ff73b4711e890f88f94eaaf26b50889dafbdfd7d13b0e529a8f6fe6fda6e008
80bd9f4f42e2a8fc72c3c71dbe5d2ae87241ec44d78689b5210018be6d3717cd
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86ce935f11b9666dfbce05e803455602d2e671f93f151ca85bc12c73047e9a8c
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
889ce7128a1460ca45b5e8b4e22c950f46e1ba71f62b22c05e6553588be964dd
8912f7784aa6f0eb942bf16e06b90261c8dac9bc8a95b1170760730049df9fcd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b5dcce5ae52a240d5e98a77a9825119634ec2edb925d279af19908b0371da47
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff
8ccb468c058da5e92426f3a868dbe38245e3e4ed71985f96264ae1407c130ff9
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91350f2450625bc2f97cd9e3f9bf41e6670b7f88b05f7e38c21c25f9c4e4dcee
9145a1b5941a698cff3ad558184cd813710a61ea765201ee9465fd2cd8cae663
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
932ff4ef67b5c172b0b040d097309bc8cda91badd8494bfd1d7f225dcdff2a9f
9383956d5154cc027fadd2e20f551d827afed83f3211fb7aaa7051be7bab62ad
93870d49d621c8497ff79e8e43190812369c744395be1e8cf58416372b990a3e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
954b3fda838a7666e6e9df9d3f856f317e0ac130bf5e8778b12ba575fdebf729
956101386f1e4f7c766aab85f2582fd4bc1761a2c66e426bfc847cd4d29dd137
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9707d6e62a22e990a7f0c39c793fba66c4cb0f017f51103851dab68ea94b7d2d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99b46238d6583f6e5f580d46f54f6501132d0de0088e58fcafbd785d4887d873
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9d7f55e2839c038c487bacb31a0ce00e33b9639832552f982925e3de7d735ee2
9e7db974c241558a99427dd9f07298013201747cd0b96a95d1fb166eb22f576d
9fe2e6ad5eed2376cb95ece090319a59757d866056ea4ccba0379125e3548a0c
a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1e97835a44625b2df57c62bc417fabd53851bf006164fdb549ef8a5cf8024d4
a369fda3e1c07ddcdf6e095e9beee003a6746dd87b9aad098d1fcca7499b77f3
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5842f0012f62a7afb70927bad232eb7038549e7e2fb2b8efeff9f3af4bc5d7c
a6082257fe9e807fd65d06b71d533e90481bce2e163e0f25b36ab36a552bc6fe
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a80bee4581430d3aacce9439e57e78ac2172de6b98d4bf097dc6f0c6e61787ad
a9fc2af3b136e2e19f34559b99ef072c2cd8f225da94fc4941a0fc2e0f7111b6
ac2fe2697b560ed2c6826bf1e2aa8e2e11976155d5d72410a196d04beffb10a4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
aeef1e373026da00565ca401cc7f9689fa90b6327cf97910d056ce9521451caf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18c7c6f0ba505516b952d61b1b22e077c21b55bcfdac72b9a4c3c994f683851
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b585b5dfd5686ec81f8ce1e1b59feef59e251978b28fd3be530f019f7a91425f
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bd4fe49491624ed17ab1e31a5a5a1b6a44adcc14e7eed96929ce62cf299ad386
be30241d97548b4d0ae8b0fb91e586eb198cb138c9d27458ea4328dd2be0693e
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
bef3b38bc159405848cea8b379aa0be149b31321a55a59e434d85c5f4c5c4fb2
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5b31d69948ec82644877bfedd33b1da2f216e9cbeb1cca98beb2d166ff2fda9
c6360527bc3a4b8a71c25a967de4b6a09040154b8854988d390cc967b7e31d9e
c697a9aaf58af71e6fc5bac290d6b036d189d672ee6f5c5f1c3404ca83f57be7
ca06fe1ecaf131feeaeec57c84104646f862606cb7c58bbe11dabc4aca9270f5
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
ccdbf5cfe041882c25b7d948da3608cf2f39d4d2a1c9d66eacf2e2029e427919
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cdabd3d1aead86fd01ac4eae13ea72552b3e8870bcd4ed2f0e8d34d160a7a549
cdc8970d14a6af6f4ec3c8ba1c6b0effba47a68076a0728bade3c8fb57ea0e68
cdca4dd1b18840912f67f332e5fb77b74ac2e6895e26a8ac2b654a8860e6a965
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf42e132308db4daf29fc5d8af08e4bef27adc3cab3082d8cc3ded5908fd3924
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2ee87eebf29ad69e63d734eff3bfcf2a8fd1a4472e1b25b62981c8f5386c53f
d8268330cae734d0a85d5fbaf4f799038853da356f3cf062fb643b848ff1787b
d955618eccbf6f0cbfb990ff2966d3995da6f4fb1a917920cb13f906643edbd4
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e07f6815d25792da1b4b3cd8a7d1b0705a2fbdf120d615f0b80c90a152d30fc2
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48ad39da56ff092f81a47bb001fa1cbd3c2cd2251bb95d5ef545f6d175f5b0f
e4b719f1a67c14180f1c37221dc5487bef4a6bcc7d6838f69dedb1c99f0a905f
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5ca865f9ccbb860ff0e593eac9b8cb853782fe864c30947b1de87a455af4775
e690b007a72c30a72e0eb7618678874d0b3fce48c83af10e6f974d4e9e6a0754
e798cfbe560a371c76254f3f81d53af136450768d2971b5849c49a0134b919d2
e7f82c6dfd3fe1bc4eef0b0facc251264f2193ac0233bdfb87cf9d75aba8e8a8
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4128b7cdb628d604eb98f503bbeee9d3205966b174326903857c197aecd99f
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effa793c576058fea09ab3ed24b66f51608539794804942af8652908b8526759
f121de070aa6d63e0ddef92b4c326e46b64d2436539f434af422af53590f577c
f1c8f6ff1e61b42b3bc44b62301146d05b82f66b4179284d06f761229e7bc382
f37bbc7351a147c46e39abbc29083386e848eb80396410db8bf3257732926c5d
f485f11880adf3bcb0bd5025e93a41363914c293f82917983d75e6daa7819432
f5be70c103392c0ce642305bd1a7ee21a157f8d8f1f382b32b1cb56d04d47dfa
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7a397b5050ce15faf422776536b460ce298364935ebc77a8d488f7b3107d92b
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c
fa7169652bfeb951bb2e6795f3482f8b22ba2c41c153f5dfe0c802741e5ea479
fdbc49323e8cd37fc1c120e0a7b52b8575b4a05ffebc7b8309ef4b64cb6cb54b
fef1165b124fd1d0a4374137f7e1def786829e48dcc580b6e90e2cc364a08258
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e