urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zha...
Submission: On November 16 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 124 IPs in 16 countries across 121 domains to perform 714 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 142.250.184.193 15169 (GOOGLE)
62 142.250.186.162 15169 (GOOGLE)
2 142.250.186.104 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
41 151.101.193.44 54113 (FASTLY)
1 2 162.210.196.208 30633 (LEASEWEB-...)
3 172.67.71.254 13335 (CLOUDFLAR...)
2 151.101.2.137 54113 (FASTLY)
3 178.250.1.11 44788 (ASN-CRITE...)
10 141.226.228.48 200478 (TABOOLA-AS)
3 216.239.32.36 15169 (GOOGLE)
3 142.250.185.225 15169 (GOOGLE)
24 185.132.133.134 49981 (WORLDSTREAM)
5 172.217.18.2 15169 (GOOGLE)
5 3.233.156.160 14618 (AMAZON-AES)
11 23.97.225.52 8075 (MICROSOFT...)
4 151.101.129.44 54113 (FASTLY)
19 185.106.33.48 200478 (TABOOLA-AS)
3 4 192.96.203.13 30633 (LEASEWEB-...)
1 104.16.88.20 13335 (CLOUDFLAR...)
15 104.22.68.131 13335 (CLOUDFLAR...)
4 23 172.64.151.101 13335 (CLOUDFLAR...)
2 69.173.144.137 26667 (RUBICONPR...)
2 213.19.162.51 3356 (LEVEL3)
2 18.185.207.108 16509 (AMAZON-02)
2 178.250.1.8 44788 (ASN-CRITE...)
2 34.120.63.153 396982 (GOOGLE-CL...)
9 15 185.89.211.12 29990 (ASN-APPNEX)
1 3 52.19.228.53 16509 (AMAZON-02)
8 23 51.38.120.206 16276 (OVH)
4 35.227.252.103 15169 (GOOGLE)
20 52.212.105.38 16509 (AMAZON-02)
2 18.197.219.206 16509 (AMAZON-02)
8 184.30.21.51 16625 (AKAMAI-AS)
3 5 91.228.74.244 16509 (AMAZON-02)
5 142.250.185.202 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
12 13 3.65.51.143 16509 (AMAZON-02)
1 3 185.180.223.221 49981 (WORLDSTREAM)
2 172.217.23.106 15169 (GOOGLE)
3 3 23.56.202.187 16625 (AKAMAI-AS)
12 184.30.22.30 16625 (AKAMAI-AS)
8 11 52.17.168.131 16509 (AMAZON-02)
20 35.71.131.137 16509 (AMAZON-02)
6 185.29.132.241 30419 (MEDIAMATH...)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 2 154.54.250.150 26558 (FREEWHEEL)
11 19 69.173.144.165 26667 (RUBICONPR...)
22 47 142.250.185.194 15169 (GOOGLE)
9 16 185.86.139.93 201081 (SMARTADSE...)
2 7 35.244.174.68 15169 (GOOGLE)
2 9 209.54.182.161 16509 (AMAZON-02)
21 39 198.47.127.18 3257 (GTT-BACKB...)
12 16 198.47.127.205 62713 (AS-PUBMATIC)
12 15 3.75.62.37 16509 (AMAZON-02)
3 3 54.229.235.73 16509 (AMAZON-02)
7 216.58.212.130 15169 (GOOGLE)
35 142.250.185.166 15169 (GOOGLE)
18 142.250.186.97 15169 (GOOGLE)
3 142.250.185.132 15169 (GOOGLE)
1 18.66.97.31 16509 (AMAZON-02)
2 5 216.52.2.30 30282 (AS-INAPCD...)
1 1 13.32.27.65 16509 (AMAZON-02)
9 10 46.228.174.117 56396 (AMOBEE)
1 1 18.202.39.242 16509 (AMAZON-02)
2 2 211.120.53.206 4694 (IDCF IDC ...)
2 3 87.250.250.90 208398 (TELETECH)
1 167.235.184.171 24940 (HETZNER-AS)
5 9 69.173.144.138 26667 (RUBICONPR...)
2 52.6.176.132 14618 (AMAZON-AES)
2 178.250.1.3 44788 (ASN-CRITE...)
1 141.226.224.32 200478 (TABOOLA-AS)
2 6 52.95.118.179 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
8 8 34.252.177.198 16509 (AMAZON-02)
2 2 52.73.179.168 14618 (AMAZON-AES)
1 2 216.52.2.39 32475 (SINGLEHOP...)
1 13.32.99.20 16509 (AMAZON-02)
1 23.48.23.44 20940 (AKAMAI-ASN1)
3 52.28.38.5 16509 (AMAZON-02)
5 175.110.113.214 49981 (WORLDSTREAM)
1 8 37.157.2.228 198622 (ADFORM)
1 213.19.162.37 26667 (RUBICONPR...)
2 142.250.181.227 15169 (GOOGLE)
5 8 35.244.159.8 396982 (GOOGLE-CL...)
2 3 13.248.245.213 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
2 3 147.75.84.158 54825 (PACKET)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 184.30.20.22 16625 (AKAMAI-AS)
1 13.32.27.7 16509 (AMAZON-02)
6 172.217.26.227 15169 (GOOGLE)
4 37.157.6.234 198622 (ADFORM)
1 185.84.60.20 198622 (ADFORM)
20 2.18.161.51 16625 (AKAMAI-AS)
2 18.203.132.178 16509 (AMAZON-02)
4 23.35.236.201 16625 (AKAMAI-AS)
7 18.66.112.58 16509 (AMAZON-02)
3 44.198.128.71 14618 (AMAZON-AES)
4 4 46.228.164.11 56396 (AMOBEE)
3 3 193.0.160.130 54312 (ROCKETFUEL)
1 1 69.166.1.35 27630 (AS-XFERNET)
3 3 54.87.176.184 14618 (AMAZON-AES)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
1 1 8.2.110.114 46636 (NATCOWEB)
1 1 2.18.160.23 16625 (AKAMAI-AS)
2 5 172.217.18.6 15169 (GOOGLE)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
12 13 37.157.4.28 198622 (ADFORM)
4 4 3.214.253.15 14618 (AMAZON-AES)
2 107.178.254.65 15169 (GOOGLE)
3 5 35.204.74.118 396982 (GOOGLE-CL...)
1 3.216.57.210 14618 (AMAZON-AES)
4 4 98.98.134.243 21859 (ZEN-ECN)
4 5 54.194.65.19 16509 (AMAZON-02)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 45.137.176.88 60350 (VP)
7 7 50.31.142.95 23352 (SERVERCEN...)
3 3 35.214.186.3 15169 (GOOGLE)
6 16 2.16.97.41 16625 (AKAMAI-AS)
14 34.247.233.198 16509 (AMAZON-02)
2 2 35.210.239.72 15169 (GOOGLE)
3 3 54.165.29.149 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
4 198.47.127.19 62713 (AS-PUBMATIC)
1 54.171.40.33 16509 (AMAZON-02)
1 18.245.60.57 16509 (AMAZON-02)
4 4 178.250.1.9 44788 (ASN-CRITE...)
1 54.78.254.47 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
1 18.203.198.173 16509 (AMAZON-02)
1 54.72.15.103 16509 (AMAZON-02)
2 52.31.127.110 16509 (AMAZON-02)
1 1 37.157.2.229 198622 (ADFORM)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.43.72.97 26667 (RUBICONPR...)
23 29 185.64.191.210 62713 (AS-PUBMATIC)
9 185.64.190.81 62713 (AS-PUBMATIC)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 31.172.81.159 44066 (DE-FIRSTC...)
2 2 82.145.213.8 39832 (NO-OPERA)
2 64.95.96.108 32475 (SINGLEHOP...)
1 3 151.101.66.49 54113 (FASTLY)
3 3 213.155.156.181 1299 (TWELVE99 ...)
2 35.186.193.173 15169 (GOOGLE)
2 195.5.165.20 44968 (IPROM-AS)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 34.246.239.231 16509 (AMAZON-02)
4 4 64.158.223.137 41041 (VCLK-EU-SE)
2 2 188.166.17.21 14061 (DIGITALOC...)
1 1 154.59.122.79 174 (COGENT-174)
3 104.17.202.110 13335 (CLOUDFLAR...)
1 1 3.127.123.183 16509 (AMAZON-02)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 1 141.94.240.143 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
1 3 104.22.25.87 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 15.235.15.221 16276 (OVH)
1 34.102.253.54 396982 (GOOGLE-CL...)
714 124
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
cdn.ampproject.org
62    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
pubads.g.doubleclick.net
2    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
41    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-match.taboola.com
sync.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
3    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
b6b8a151ac2a3038939ef9cb3e6a97ce.safeframe.googlesyndication.com
24    185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net
ad.vidverto.io
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
www.googletagservices.com
5    3.233.156.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-156-160.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
11    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
19    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
4    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
15    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
23    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
r.casalemedia.com
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
2    18.185.207.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-207-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
15    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    52.19.228.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
23    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
20    52.212.105.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    18.197.219.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-219-206.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
8    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
5    91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
5    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
imasdk.googleapis.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
13    3.65.51.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    185.180.223.221 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net
ad.vidver.to
ad.mox.tv
2    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f106.1e100.net
fonts.googleapis.com
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    52.17.168.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-168-131.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
20    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    154.54.250.150 (Saint-Denis, France)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
19    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
47    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
16    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
sync.smartadserver.com
7    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
9    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
39    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
16    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
15    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    54.229.235.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-235-73.eu-west-1.compute.amazonaws.com
ad.360yield.com
ice.360yield.com
7    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
googleads.g.doubleclick.net
35    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
s0.2mdn.net
18    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net
rules.quantcount.com
5    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net
s.ad.smaato.net
10    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    18.202.39.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-39-242.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    211.120.53.206 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
3    87.250.250.90 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: bs.yandex.ru
an.yandex.ru
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.6.176.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-176-132.compute-1.amazonaws.com
1x1.a-mo.net
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
6    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    34.252.177.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-177-198.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.73.179.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-179-168.compute-1.amazonaws.com
sync.ipredictive.com
2    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    13.32.99.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-20.fra60.r.cloudfront.net
live.primis.tech
1    23.48.23.44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-44.deploy.static.akamaitechnologies.com
hb.yahoo.net
3    52.28.38.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
match.sharethrough.com
5    175.110.113.214 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-214.hosted-by-worldstream.net
cdn.vidverto.io
8    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    213.19.162.37 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
8    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
adpushup-d.openx.net
eu-u.openx.net
u.openx.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net
public.servenobid.com
6    172.217.26.227 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f3.1e100.net
csi.gstatic.com
4    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
20    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
t2.teads.tv
t.teads.tv
2    18.203.132.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-132-178.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    18.66.112.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-58.fra56.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
3    44.198.128.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-128-71.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
4    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    54.87.176.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-176-184.compute-1.amazonaws.com
ssp.disqus.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
5    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
ad.doubleclick.net
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
13    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
4    3.214.253.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-253-15.compute-1.amazonaws.com
i.liadm.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
5    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    3.216.57.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-57-210.compute-1.amazonaws.com
rtb.adentifi.com
4    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
5    54.194.65.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-65-19.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
7    50.31.142.95 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    35.214.186.3 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 3.186.214.35.bc.googleusercontent.com
csync.loopme.me
16    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
s8t.teads.tv
14    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    54.165.29.149 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-29-149.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    54.171.40.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-40-33.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    18.245.60.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-57.fra60.r.cloudfront.net
sdk.streamrail.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    18.203.198.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-198-173.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    54.72.15.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-15-103.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.31.127.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-127-110.eu-west-1.compute.amazonaws.com
sync.springserve.com
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
29    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
9    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    34.246.239.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
a.audrte.com
4    64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
2    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
3    104.17.202.110 (None, )

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    3.127.123.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-123-183.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
3    104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
101 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
64 KB
83 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
ad.doubleclick.net — Cisco Umbrella Rank: 154
486 KB
75 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
trc-events.taboola.com — Cisco Umbrella Rank: 2170
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
sync.taboola.com — Cisco Umbrella Rank: 1322
pips.taboola.com — Cisco Umbrella Rank: 1694
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
cds.taboola.com — Cisco Umbrella Rank: 1933
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
am-wf.taboola.com — Cisco Umbrella Rank: 17326
1 MB
59 googlesyndication.com
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
b6b8a151ac2a3038939ef9cb3e6a97ce.safeframe.googlesyndication.com
708 KB
50 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
token.rubiconproject.com — Cisco Umbrella Rank: 458
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
108 KB
44 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
t2.teads.tv — Cisco Umbrella Rank: 25995
t.teads.tv — Cisco Umbrella Rank: 2845
sync.teads.tv — Cisco Umbrella Rank: 1403
s8t.teads.tv — Cisco Umbrella Rank: 5510
431 KB
35 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
937 KB
29 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
425 KB
27 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
adx3.adform.net — Cisco Umbrella Rank: 59130
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
dmp.adform.net — Cisco Umbrella Rank: 3509
88 KB
26 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
9 KB
23 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
22 KB
23 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
r.casalemedia.com — Cisco Umbrella Rank: 1699
15 KB
21 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
11 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
16 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
sync.smartadserver.com — Cisco Umbrella Rank: 1330
5 KB
16 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 522
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
3 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
28 KB
16 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
304 KB
15 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
10 KB
15 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
5 KB
15 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
20 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
3 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
38 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
3 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
3 KB
7 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
idsync.rlcdn.com — Cisco Umbrella Rank: 415
519 B
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
977 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
3 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
3 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
2 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751 Failed
1x1.a-mo.net — Cisco Umbrella Rank: 2785
317 B
5 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
1 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
321 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
2 KB
4 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
12 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
90 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
spl.zeotap.com — Cisco Umbrella Rank: 3274
1 KB
3 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8923
42 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
782 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
941 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
743 B
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5085
979 B
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
ice.360yield.com — Cisco Umbrella Rank: 2116
1 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
1 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
350 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
497 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
556 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
670 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
565 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
1 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3997
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
1 KB
2 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3340
411 B
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
909 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 988
140 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
2 KB
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42792
302 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
1 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
179 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
260 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
347 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
684 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
499 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
485 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
324 B
1 streamrail.com
sdk.streamrail.com — Cisco Umbrella Rank: 4860
18 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1578
680 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
287 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3060
696 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
623 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
525 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
864 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
596 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
432 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
643 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
258 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 redintelligence.net Failed
hal9000.redintelligence.net Failed
0 adkernel.com Failed
sync.adkernel.com Failed
714 121
Domain Requested by
47 cm.g.doubleclick.net 22 redirects onetag-sys.com
googleads.g.doubleclick.net
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
eus.rubiconproject.com
adpushup-d.openx.net
ssbsync.smartadserver.com
sync.teads.tv
g2.gumgum.com
www.bg3.co
39 image8.pubmatic.com 21 redirects ads.pubmatic.com
38 pagead2.googlesyndication.com ads.aralego.com
www.bg3.co
pagead2.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
35 s0.2mdn.net www.bg3.co
s0.2mdn.net
imasdk.googleapis.com
29 simage2.pubmatic.com 23 redirects ads.pubmatic.com
24 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
23 onetag-sys.com 8 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
public.servenobid.com
20 match.adsrvr.org www.bg3.co
onetag-sys.com
imprammp.taboola.com
am-match.taboola.com
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
eus.rubiconproject.com
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
sync.teads.tv
g2.gumgum.com
ads.pubmatic.com
20 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
onetag-sys.com
g2.gumgum.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
ads.pubmatic.com
19 pixel.rubiconproject.com 11 redirects onetag-sys.com
eus.rubiconproject.com
19 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
18 tpc.googlesyndication.com www.bg3.co
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
s0.2mdn.net
pagead2.googlesyndication.com
imasdk.googleapis.com
16 image2.pubmatic.com 12 redirects ads.pubmatic.com
16 images.taboola.com www.bg3.co
16 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
15 ups.analytics.yahoo.com 12 redirects am-match.taboola.com
onetag-sys.com
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
14 sync.teads.tv 6 redirects a.teads.tv
sync.teads.tv
14 t2.teads.tv www.bg3.co
13 x.bidswitch.net 12 redirects imprammp.taboola.com
12 c1.adform.net 11 redirects ads.pubmatic.com
12 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
ads.pubmatic.com
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 eus.rubiconproject.com ads.aralego.com
am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
www.bg3.co
g2.gumgum.com
12 ib.adnxs.com 6 redirects cdn.adpushup.com
eus.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
11 pr-bh.ybp.yahoo.com 8 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
11 e3.adpushup.com www.bg3.co
9 token.rubiconproject.com 5 redirects eus.rubiconproject.com
9 s.amazon-adsystem.com 2 redirects onetag-sys.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 track.adform.net 1 redirects www.bg3.co
s1.adform.net
8 match.prod.bidr.io 8 redirects
8 a.teads.tv cdn.adpushup.com
a.teads.tv
7 b1sync.zemanta.com 7 redirects
7 rtb-csync.smartadserver.com 3 redirects public.servenobid.com
ssbsync.smartadserver.com
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
7 us-u.openx.net 4 redirects googleads.g.doubleclick.net
adpushup-d.openx.net
7 sync.1rx.io 7 redirects
7 googleads.g.doubleclick.net www.bg3.co
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 image4.pubmatic.com ads.pubmatic.com
6 t.teads.tv www.bg3.co
6 csi.gstatic.com imasdk.googleapis.com
6 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
adpushup-d.openx.net
ads.pubmatic.com
6 sync.mathtag.com onetag-sys.com
ads.pubmatic.com
5 sync.crwdcntrl.net 4 redirects ads.pubmatic.com
5 um.simpli.fi 3 redirects cs-server-s2s.yellowblue.io
ads.pubmatic.com
5 ad.doubleclick.net 2 redirects googleads.g.doubleclick.net
www.bg3.co
5 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
5 cdn.vidverto.io www.bg3.co
5 ap.lijit.com 2 redirects public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 htlb.casalemedia.com cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 http-intake.logs.datadoghq.com cdn.adpushup.com
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pubmatic-match.dotomi.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 creativecdn.com 4 redirects
4 dis.criteo.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 pixel-sync.sitescout.com 4 redirects
4 i.liadm.com 4 redirects
4 ad.turn.com 4 redirects
4 ads.pubmatic.com public.servenobid.com
csync.smilewanted.com
g2.gumgum.com
ads.pubmatic.com
4 ssbsync.smartadserver.com 3 redirects public.servenobid.com
4 s1.adform.net track.adform.net
s1.adform.net
www.bg3.co
4 id.rlcdn.com onetag-sys.com
4 rtb.openx.net cdn.adpushup.com
4 sync.aralego.com 3 redirects ads.aralego.com
4 trc.taboola.com cdn.taboola.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 simage4.pubmatic.com ads.pubmatic.com
3 c.bannerflow.net www.bg3.co
c.bannerflow.net
3 d5p.de17a.com 3 redirects
3 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
3 idsync.rlcdn.com 2 redirects sync.teads.tv
3 sync.srv.stackadapt.com 3 redirects
3 csync.loopme.me 3 redirects
3 secure.adnxs.com 3 redirects
3 am-wf.taboola.com vidstat.taboola.com
3 cms.quantserve.com 3 redirects
3 bh.contextweb.com 3 redirects
3 ssp.disqus.com 3 redirects
3 p.rfihub.com 3 redirects
3 cs-server-s2s.yellowblue.io public.servenobid.com
ads.pubmatic.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 match.sharethrough.com eus.rubiconproject.com
public.servenobid.com
cs-server-s2s.yellowblue.io
3 an.yandex.ru 2 redirects e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
3 sync.targeting.unrulymedia.com 2 redirects e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
3 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
3 www.google.com www.bg3.co
tpc.googlesyndication.com
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 secure-assets.rubiconproject.com 3 redirects
3 prebid.a-mo.net cdn.adpushup.com
3 region1.google-analytics.com www.googletagmanager.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 core.iprom.net ads.pubmatic.com
2 ipac.ctnsnet.com ads.pubmatic.com
2 cm.adgrx.com ads.pubmatic.com
2 t.adx.opera.com 2 redirects
2 sync.bumlam.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 sync.springserve.com sync.teads.tv
2 sync.smartadserver.com 2 redirects
2 u.openx.net 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 s8t.teads.tv www.bg3.co
2 pixel.tapad.com 2 redirects
2 pippio.com ssum-sec.casalemedia.com
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 fonts.gstatic.com ad.vidverto.io
2 ce.lijit.com 1 redirects eus.rubiconproject.com
2 sync.ipredictive.com 2 redirects
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 1x1.a-mo.net www.bg3.co
2 tg.socdm.com 2 redirects
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 ad.mox.tv 1 redirects onetag-sys.com
2 ad.360yield.com 2 redirects
2 ads.stickyadstv.com 2 redirects
2 fonts.googleapis.com cdn.taboola.com
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
2 grid.bidswitch.net cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 ads.playground.xyz ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 dmp.adform.net 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 cm.adform.net 1 redirects
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 ice.360yield.com 1 redirects
1 sdk.streamrail.com cs-server-s2s.yellowblue.io
1 visitor.omnitagjs.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 match.deepintent.com g2.gumgum.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.adotmob.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 eu-u.openx.net adpushup-d.openx.net
1 hbx.media.net 1 redirects
1 us.ck-ie.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 adx3.adform.net imasdk.googleapis.com
1 static.smilewanted.com csync.smilewanted.com
1 public.servenobid.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 beacon-ams3.rubiconproject.com www.bg3.co
1 b6b8a151ac2a3038939ef9cb3e6a97ce.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 hb.yahoo.net eus.rubiconproject.com
1 live.primis.tech eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 vidstatb.taboola.com www.bg3.co
1 cds.taboola.com cdn.taboola.com
1 pixel.quantserve.com www.bg3.co
1 am-vid-events.taboola.com www.bg3.co
1 pips.taboola.com cdn.taboola.com
1 inv-nets.admixer.net ad.vidverto.io
1 ads.yieldmo.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 imprammp.taboola.com vidstat.taboola.com
1 pixel-eu.rubiconproject.com 1 redirects
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 secure.quantserve.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 trc-events.taboola.com cdn.taboola.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 hal9000.redintelligence.net Failed googleads.g.doubleclick.net
0 sync.adkernel.com Failed public.servenobid.com
0 static.bg3.co Failed www.bg3.co
714 209
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.a-mo.net
Amazon RSA 2048 M02		 2023-07-11 -
2024-08-07		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
streamrail.com
Amazon RSA 2048 M02		 2023-04-12 -
2024-05-11		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
ads.playground.xyz
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh

This page contains 135 frames:

Primary Page: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Frame ID: 0EC5D2277CF68F9C9D74FE0AD1301F14
Requests: 220 HTTP requests in this frame

Frame: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74FE0338A3C35362F17E46648B925A40
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNvs3V5aPKsBlOnWUJadUmUjJ8VerAVXpr-c_3pyOTJlJfC44GW3z3mOWhOOuMHrf_rQweCBM64ze77ifmLNW2NhZ45UOkyjGgo_hilnrSWRPwGswphW6OdwHDgt6DpCGjOS3hpuSjVcKK7yBX8qPgId_FfOTulg3vLagfoY3y6a9QQWBKg5yPmBVSpowfRq9pO1TKPA8f2FBGPyYirN1pXZIjfMnQYm2zQV3faIp-8jalmpdXWyKVwpQU4djwT93oOQusOFDL6u5fQV9OiPeXhbUr1pg6mW3bcaYXq-7p5hA6BQ36yZvrbR1jJ3eIzq4eXw&sai=AMfl-YTGy5AmaD-Jt72NRARATxXWR7CGd1632zW33EGjLrQlJ-IKARp62Ul1YjCj2sEhbkWBvLJGFbfoZaRXKrW7yvHxTdF1OzxZc5aJcomeuoliFFWfA-y1WChMk77rq9aV2spP1K2a7qI_5LhINdHRV-Vq&sig=Cg0ArKJSzAvENLghww7VEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DB92B66E60E2229479DD11085539DB0F
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 97CCF5F984309C0997D1D0ECF773CB10
Requests: 16 HTTP requests in this frame

Frame: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 172CE3348612AC72B6EA4801DC010ABB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: BA369B23A2D57B3A94661CF4A5F90DD4
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AA6E0C91C396A9F3763ED08F082981B4
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 3C81A2870B2BF3064CE4AAE9EA5E71D6
Requests: 20 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&cmcv=&pix=undefined&cb=1700132973292&uv=3358&tms=1700132973292&abt=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6ecfd590-fa4c-4ed8-87f4-55b725558a6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 22F17F89B96FACF8B7A1D1319733DD52
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0BF419996ED3BF4EEA3AD90DC5A52D2B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGL3T2PsBMAE&v=APEucNVe7ho--LeymVHSbAqk9WczmQzMLIQeZPqpPm78UULAeel5cJwHeSSgqcEbu68Ut4kZXHPoqU39CICcoUt7qBF5fyfrsQ
Frame ID: 3CE3DC3B5CDE37C40E1F1134B8DADB95
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 04C1AEF65B48E600E16ADB0D7421B7E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8961562CE9AD818EB3FC6666138A8D62
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F432DAC2B122A74FA1AA0176095E6AA6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Frame ID: 29EA50463877B2C0A49F405548492C86
Requests: 35 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 340F172DA9ED9220987C18E9893B0C7E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 46923903235A4A07CCB5489DDE25B935
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D31B0D4FA8085DBCFDAC797F510C77B9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Frame ID: 3623C5C952652AB332EC4C89EA9549BD
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 4FA77BBABC650EDAA3AE68D8B59B2182
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3F2BDBEEC1BB1B83C06A6EF001D09703
Requests: 1 HTTP requests in this frame

Frame: https://b6b8a151ac2a3038939ef9cb3e6a97ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 314ACE742C0B48CDE6635B8783E84E13
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuA4pTC5p6n4nmBB9MYPZi7_Q5YzfesLCe2Ywl2k2dfvK3q5EKveYG-ktfOEgXOJR7UY3LD0wJao3nejzgcAEf4dlv3cHe3kwOxTEWr12TEnOXoT_q_zQQDmHnVauWA4TVsqT9PuR0nXD3YauVDo7Y6lWRR9e7TQnIfUUq593dZbg9B-tTjOMEj3EC8sOJ4kuFdoKrgwBFAlgoRLHL8KjPnYoWtL2RruPutrqJkVROqCoSQJe53wLjyJKFMQnl_QXaJpuv3yTz7Umm7D9NEVHOqcWVdiY8EFzdNNU99j3K5pk3m3Wox17W8JUx4whD3rMastQ81HAEQsdiNOKSQhPQjpYM26wLU&sai=AMfl-YQYkDvnaH2r3YUbrVzWAKdR8uHQ0ecLX-BRAPsf1RL1dDoNtxEKIrBqY36o3wEa8XDrfpCEmrwovu9a3SGW0bONvjcrbOO5uQgFhQwsDOhFbe0wLKf9vnkKgSBpYvY&sig=Cg0ArKJSzNvkxr9iQSiBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AE1700419C9F160489B96ADDECEFEDD4
Requests: 19 HTTP requests in this frame

Frame: https://a.teads.tv/hb/ad/a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe
Frame ID: 3EBEC1CD20C5EAB43D4F2E1F9E248884
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX40iiXE3SCuivYyCcrpHw6S1B9z7U2b5uX792MZpLwRD1rkdT6-Yjd9X8dyjTpqCWxO2syRbxxQMxU9UrabKQo0VsmiQ
Frame ID: D49780DE262B12173007FFF651691091
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFQQZ97nfIOm3J3Dv1RhXKxVqwpbq-UWncR2osS9HvjwV2M4Xo50hrGudunfFYVw2nfsTB7WR5EdPcvmoVI0oPgIaXAv5xS-rNEAmU2el_qRR2v3GNdgmxQdhZoDeHGGn-rISyWnnvqqcF0zkPco9zXYe89jj9phY2lQzPKeOcSeLT19Fk2_oQtq97jdtmFeiYMz_azdkAS2jWvrZqUajMme3HNy9XLbf1llV7xl1jYmIh-aU1Wp0VXVH7MgsPECJ24va4xDA8qYKXU9FA7NUZkfEsI2sY4JMpqpZcrrF6Q_yFvAAuCuOw7LydYhDr6OsKpHy91kq6zpOA4yEbFswgi_fGOi_Y&sai=AMfl-YS0kJv32kGShwyc1-tkpG_ESIxMin7nYu27GnWtl3uh42tR-GDq-wVtUOQlTcu7sqPo5pI8Js4H7iG-GzRRURJBaO1ZPOsHMnVPzJiT5ZYk-hf3v6LndtROLSzWaAM&sig=Cg0ArKJSzHtxSmAkJ5VREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9326BFC094646032DCD188F82E0E7706
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 74A015858360F04E3C99F29DCB861269
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DB2F293F2D575376610A9703F43D50E3
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 50B36F1849C5A5D95885DCFC605C361F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 67EFEA9D53B1DDF9E18AFD6F3893BB46
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E24BAD8DC670BB99387E03FA985772D7
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: F3EB04155B473F4504E33F53ECF0851B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 2E51B20987FD5A35E03CD9F37A9E459D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700132973214
Frame ID: 021313083DB56E8F671D43637DCA5C94
Requests: 9 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7367458C58CA311CC673FCB10EF48445
Requests: 13 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: D89E26D9A7FD1A8BBA94B51D24644BAA
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34899829101E9D6BE20DA5C95AC85977
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C29AAAD87EAECB8631AF1D9D9414CA7B
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E34F075BC2EAD7790B18110BE53B9EAF
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: EEE2C49B750C4D0C1050B3B6CAA1E33A
Requests: 8 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 06DDFAFD53B23756F03A0AB444A37E05
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 60FB226D92FA8FF7C32274AAF058FD34
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 618720F963DF2D22EEDB49F0827FACCA
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 598D6FA44C3B136BA04F1814D888587C
Requests: 28 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 26F370509968E7AB28B48554846566BD
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: C7DEC092FDC77F559246991598F0A831
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 9E2162228C15BB0AB5C2C3DB2F9AA0A8
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B068DB389A497CB4EC1DD783CBD47D8D
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700132976870
Frame ID: CC497B65695D014AE23F149BB7338388
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: E59DE4164802F53C371FA63A7B17EAB8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5057FE39B0B8FAB4A6B1F4D9C1AE360E
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Frame ID: D011452A0C7CA46346520F553A94CE80
Requests: 12 HTTP requests in this frame

Frame: https://s8t.teads.tv/creative-e7ab6051-78c6-11ee-b1b1-1b6012379357/performance-image-dco-facf32d3-740d-48bf-adf2-4048ed2453eb.jpg
Frame ID: 2A197B7DF4F5C3960263244BDDAA2537
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 7A666C1B423F5C23F9529BA2A174DFE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 98DA76844189C27CC21C1BDE328391DC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Frame ID: 7C0F9EA194F2F366B553DE9E44AC34C4
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1022322488938986752
Frame ID: C58696A8E08DF7143906D2ACCE593F3A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/500845215933131403
Frame ID: C2ADBBCAFEB8192012145D910C883E52
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 1174B94A4CFF866DC04B146514702CE1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP139Y10-G-4X8A?gdpr=0
Frame ID: 42F0FF16A094DCDD89345BED212895F9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 01739AE639FAA3F7E99F5DAE14A0290F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FFCFF89E4D0E624A15275F4CD3497C20
Requests: 7 HTTP requests in this frame

Frame: https://sdk.streamrail.com/favicon.ico?r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D&rid=[COOKIE_ID]
Frame ID: 5C4DEC8DF66150F8FC05C12BCCB0CC9B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/79fa1d23-cc90-49bd-ad79-8a4547142217&partner_id=1010
Frame ID: 323AB363EF9381E82ED1DECDF499F023
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Frame ID: EF499770AD86226B86AEF8EEBFDE206F
Requests: 7 HTTP requests in this frame

Frame: https://s8t.teads.tv/creative-5fadf0b0-6420-11ee-b7d4-e3f027d50924/performance-image-dco-81e6ea03-82fb-4931-8988-5cc9d350c476.jpg
Frame ID: 6CB41189372CE9AAC58DFE98D485D61B
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/ddf51c3f-d747-4f91-b259-06a127b1ffff
Frame ID: CD6DDA2F9C0168152DD7D4D432107A3E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 7550E0513BD63D67DDD02461142F2D64
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4296390461623842244
Frame ID: 39434AB680A1602AED7CD56FA82191BA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 69945DF8E037D6F4DB2704151160F86F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE?pi=smilewanted&tc=1
Frame ID: 7BFED5623B5B66BD9F483A281D0F2228
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=4296390461623842244&gdpr=0&gdpr_consent=
Frame ID: 7230FFE4D109B719610CD8F2BDBC585A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZDcyNjE1NS1kY2U0LTRkN2YtYjUwYS00OTZhNGQ4NDM4YmM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 56D218BF027A0DB8BEE747310B5CB6BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: D3C0C5DE83EE57F12DCA6FFD84509218
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 434C547E35E21F650B50C1D98E9DE2B6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVX4b8Co5uYAALLE.8MAAAAA
Frame ID: 5960441B94ED3743093A1905F0DE3228
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE&pi=gumgum&tc=1
Frame ID: 9FCD4D76A84F7BA58754B4B42F787229
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1EE62EF026EA86069F8C5A01ADE25CBD
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: BEFB68F2D66D8955E5A91156772E7929
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1CBFB24EC9B6732132364ADC09920A7A
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 59D87727FFAF05C8445D88C629AAF744
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Frame ID: CBAEB9085DE4EF09726CEEEE791FA3CB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
Frame ID: CFD1EB59770923C95AA9BF94FED5C3EE
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: 1A6E321CB55594CD3875C482DE683374
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Frame ID: 3365AA06944A000156672BAD7FF23D8E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Frame ID: DD4C5D6EA24E17AB46AA184A6A790EF0
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Frame ID: EC88B450AB466C1D6134E0047A6A621D
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Frame ID: A655CBC891A0D189A55840BEA06ECC81
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUebc8d0fe4a37436cb8740274a79f101d
Frame ID: CA45E4B7379BD3F6FB0E32AD506B712A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHXxE7Kq_EAABTv7sfYQQ&gdpr=0&gdpr_consent=
Frame ID: 9081E1FCDAA714C18D6B557C963379A1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8B4E5C13322C2ADD1DDE8FBA34B98C8E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVX4dwAAD9xKHgBH
Frame ID: 2F78868AB1BECFCA46BCD34CE982A83E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 488D91F17EC108F02B5BE0DB44C87C21
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Frame ID: A360EFFC2AD7F1B53DA07762DF3D6B48
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: 200F7AEEF1D8A528A4732752EC340708
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: A32B5F6FE2BCE891879AE62BCFDB5C55
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E2A0EC544D6E59D4EDF4E6143874261E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: AF1C5A85FBCA4967A5B1827D888FED17
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 8E73C13DCF2D3B7DBF4775B17122F44E
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: A8DA4DB43EEF27708A1B127438BBDA53
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: 713FD46E93EF336A3B52233D2B156B77
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2135726/13311274/13311274.js?ADFassetID=13311274&bv=257
Frame ID: 90EE851364D2A06B64E5EA4CA82FD26B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1BB007E9AFF186125A786D5347C9C5EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 36F2D06F681A86FCE9BB038C725E109E
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
Frame ID: 44E76EBA6AB70BB3C22027F1ED68B5C2
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: AC8ADC3357D11770CB52D1FA107FB5ED
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F9A90A540C3B960CEAD64E8FC0DC1CC6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
Frame ID: F1080D9EBA903B58554CE6194C557A74
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: F73B9DBFB28F91A4ED3751134A67899E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: ECF0321EC6A9F51859825D462416BAB3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 0091B3C982788B37D76E4B1A728456DC
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 773DBD7B3BA58E988DE833D274AD3C1C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 9762346F500D620788B826246250A801
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: EBE0E1AC1D2A48293A07B7F65E0F7391
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 82702732F3954F488510A59C65C47A16
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 15CFCC511CAD79D3BB65081C9F3EEE37
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: D6B31A9151329521545007EE58A4FCC0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 6B9485F567915097EFC7DB4C8A0EA884
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 5A6BF566AFA321E780EFA42D3F441D56
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: D84BB184054BFAA992148E5E8447E7A9
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 60308CF232577B92E30D43D9433E7C43
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2D1092C60ED96CED8EFDDCD161ABFF67
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C4C076BDA5002C442D10F8AADE36934C
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 201CFC2FD98E8914EFCB3B29BD4980D7
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 48F5C2665632CB974A3E2D946BF16437
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1865A03F5EB5F636C9630A3FC6D9A153
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PzngURhjbYhQQQVbbS&gdpr=0&gdpr_consent=
Frame ID: 5BC0D2B293AEA39FA0F8CC4F34BD4C76
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 693B87A9302563192CE76F5FCF62BE1E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: B9D4286E5FE5B490DA2BBF44E698F8DD
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: 8971C63124EEB8444B5C3748ADEA531E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=452515956
Frame ID: BE02B98A545C4AF0FA372AD980F5AFEA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: 19D29863A267524E65F17792A1520472
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: F47D5FD32277F6CAC7788940E9A1416C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: 673AE52320E544B6DCA055E7DD391F7D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0C12FB58-4C26-466B-B2C8-B7995E65D171
Frame ID: 81775CFCC2BE0F7A00D0050BD7D68565
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

黃子佼下標遭取消訂單!被賣家要求重訂…一看價錢漲5倍:真的有點過火 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

714
Requests

78 %
HTTPS

0 %
IPv6

121
Domains

209
Subdomains

124
IPs

16
Countries

6780 kB
Transfer

20364 kB
Size

207
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 117
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=eb848c1b-cdc1-48fb-b186-57ac9bcafe30&p_id=23
Request Chain 118
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4c4b5e78-4b85-4319-9c94-885ef85562d3&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=4c4b5e78-4b85-4319-9c94-885ef85562d3&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=9fda2ccc-c830-446d-93e5-b2b049761564&p_id=15
Request Chain 136
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 137
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/1d06a2b9-53cd-36ea-bdcb-8612e5fa2cc3?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-lDRzcWxE2oWxI855GN6GEaY4Ru3kR2UCUd7sSwU-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 140
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LP139Y2T-26-72OR&gdpr=0
Request Chain 141
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=500845215933131403
Request Chain 142
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
Request Chain 144
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSau__StG33Teu3gVDe3_XPXsNlE-sVw
Request Chain 145
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1022322488938986752
Request Chain 147
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mnDCyDbfnTRAUffBjESs9sowWjAW5HlICxSTsgEr1q8
Request Chain 148
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEMxMkZCNTgtNEMyNi00NjZCLUIyQzgtQjc5OTVFNjVEMTcx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBr-d6rYF-De6p3kb2VjeJg&google_cver=1
Request Chain 150
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-QlZGW8ZE2uEqgB5Sr_CPzgRR4faYhIQU4BHHl5w-~A
Request Chain 152
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=9fda2ccc-c830-446d-93e5-b2b049761564&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D{SSP}%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}%26ssp%3D{SSP}%26bsw_param%3D{BSW_PARAM} HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=9fda2ccc-c830-446d-93e5-b2b049761564&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D%7BSSP%7D%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT%7D%26ssp%3D%7BSSP%7D%26bsw_param%3D%7BBSW_PARAM%7D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=79fa1d23-cc90-49bd-ad79-8a4547142217&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 153
  • https://ad.mox.tv/delivery/sync?userid=gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc&p_id=5
Request Chain 190
  • https://pr-bh.ybp.yahoo.com/sync/taboola/dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
Request Chain 193
  • https://pr-bh.ybp.yahoo.com/sync/taboola/dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1&C=1
Request Chain 210
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVX4btzE3ScfCHXUwhjfswAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1
Request Chain 213
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHfjZZcYjZfzmJni8qBENbA&google_cver=1&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6RF0f6aQ7Otc HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHfjZZcYjZfzmJni8qBENbA&google_cver=1&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6RF0f6aQ7Otc&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6RF0f6aQ7Otc&google_hm=Hql9uGZH1CvkZeCYQnORcCxJ
Request Chain 214
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMpl4jm4VrFwFI3ci-E8RDo&google_cver=1&google_push=AXcoOmRBvlW35hdOXs6CxV13RouFEDxGxaLbbZXcJgUHyMLTvna4s3rnK9yMz9XCEr0oD2UojhKIYWIB5jeIDQHY34lki-o430OFdg HTTP 302
  • https://sync.1rx.io/usersync/smaato/572eec4f08?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/smaato/572eec4f08?zcc=1&cb=1700132975613 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003
Request Chain 215
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEEHFwmswMsTsA6J5tBvc704&google_cver=1&google_push=AXcoOmSpv4sYS-DGcLcHFSBbgYhK5vnw6Sm786r04Hug0i3CjxVnpthL65roCMwO9_Z8UHDifT0oEBfgWITw2ezQpZ7wtkKl-LRd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSpv4sYS-DGcLcHFSBbgYhK5vnw6Sm786r04Hug0i3CjxVnpthL65roCMwO9_Z8UHDifT0oEBfgWITw2ezQpZ7wtkKl-LRd&google_hm=M0Z5cERNTTY2NU1XamJCV1dBSjc=
Request Chain 216
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHwoODATnQ4SWC-Y5qPHCpI&google_cver=1&google_push=AXcoOmQrM-fLcXJkMv3-EVX-ZYVyKXuzhlFsfLGKh2fPuU6mxEkFPkqqB_zshnI8PODIzd9Cvgo09PQQjGqycmuutVhrJtitkHb6Gg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQrM-fLcXJkMv3-EVX-ZYVyKXuzhlFsfLGKh2fPuU6mxEkFPkqqB_zshnI8PODIzd9Cvgo09PQQjGqycmuutVhrJtitkHb6Gg&google_hm=WlZYNGI4Q281dVlBQUxMRS44TUFBQUFB
Request Chain 217
  • https://an.yandex.ru/mapuid/google/CAESEPDB76gklnqKPz6jGVieNQ0?ext-param=AXcoOmSRj-t4pf5JQYQuO56iJSG3CkcoF54x0V29Ab36ZsR6PtT04KD_H9Ow4jnQqkGJLr_biqHcJ4j2ainazKU2L3JCQCbj70fiEDA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEPDB76gklnqKPz6jGVieNQ0?redir-setuniq=1&ext-param=AXcoOmSRj-t4pf5JQYQuO56iJSG3CkcoF54x0V29Ab36ZsR6PtT04KD_H9Ow4jnQqkGJLr_biqHcJ4j2ainazKU2L3JCQCbj70fiEDA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPDB76gklnqKPz6jGVieNQ0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 218
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOmyU5y0EsA7vnQYB_KrX3A&google_cver=1&google_push=AXcoOmR60X7SD0Ov7k6yt6oGjrmqDaFUqEe2jAuK7vum2AC4tesHgPSXUMJTXtzZd23tcNLJzo8gDGzWsdmFbCi3jS3v2l6Ltal4Bdw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9fda2ccc-c830-446d-93e5-b2b049761564&%%GOOGLE_PUSH_PAIR%%
Request Chain 235
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP139Y10-G-4X8A HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP139Y10-G-4X8A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 244
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxMzlZMTAtRy00WDhB HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELESqAZMqHhjndHKasEjweU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxMzlZMTAtRy00WDhB&google_push=
Request Chain 245
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wgTyuLMnT8eRb-LRROjpPw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wgTyuLMnT8eRb-LRROjpPw
Request Chain 246
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWIzMTA1MjVhNjJkZTEwMDliZjE0ZTc5NmEwMWIyZmE2MmM5ZTU1OQ
Request Chain 247
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z2PAeBDSTga006kSrO5Z2Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z2PAeBDSTga006kSrO5Z2Q
Request Chain 248
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP139Y10-G-4X8A
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBl4p-QVEOyJR1DSTpel2ZA&google_cver=1
Request Chain 251
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP139Y10-G-4X8A&ex=d-rubiconproject.com&status=ok
Request Chain 252
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/--Hv_-WbwvRfm87RLKZnQg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-exibmptE2oIH54XHGhxWJxQK_WI1NeJ1A.k1Tw--~A
Request Chain 253
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHXxE7Kq_EAABTv7sfYQQ&expires=30
Request Chain 254
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=443381ad-be1b-4ff1-8521-3fb3045f3de8&expires=30
Request Chain 255
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP139Y10-G-4X8A
Request Chain 256
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP139Y10-G-4X8A
Request Chain 257
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP139Y10-G-4X8A&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP139Y10-G-4X8A&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS14cVRpQWhwRTJ1SHpodzRXNUR0TEJDWUd4ZlFXQS4wcH5B&ovsid=LP139Y10-G-4X8A&dpid=58160
Request Chain 258
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP139Y10-G-4X8A
Request Chain 259
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP139Y10-G-4X8A
Request Chain 290
  • https://pr-bh.ybp.yahoo.com/sync/taboola/dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-h0sDRshE2oQ56YHTIu5NZV5P94vMGl0E0E0AAQ--~A
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKIVUNGGJAOne0m3cGey8NY&google_cver=1
Request Chain 338
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwODQ1MjE1OTMzMTMxNDAz
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
Request Chain 340
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRkMDBkNjMtMmU1NS0yZmFiLWUxY2MtOWJmNDkzZWY5OWVk
Request Chain 353
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 370
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSgwy4U0Ufgdd7md16YCmOGyb4qQYrFQ
Request Chain 373
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AMav111NabHvOyK5A3wtEK7Azazdyj1DoLAFcN-6NC8
Request Chain 394
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 399
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=500845215933131403
Request Chain 400
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Hql9uGZH1CvkZeCYQnORcCxJ
Request Chain 402
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6795921952 HTTP 302
  • https://sync.1rx.io/usersync/turn/8640911169531480051?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1e642822-578c-4c31-9f7e-c461572976c2-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
Request Chain 403
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5144588527489820076
Request Chain 404
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=6d7abaa9-6b75-434e-8d6f-8026df56dbea
Request Chain 405
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 406
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
Request Chain 407
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEyAh0eOAE=%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=29&buyeruid=LT3Ny37GwtSv&r=Cid1YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEyAh0eOAE=&gdpr=&gdpr_consent=&ev=1&us_privacy=&pid=562894 HTTP 302
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEyAh0eOAI=%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=30&buyeruid=e7263fa27e5f17dd1d81f8150f3d92e488a577f3ae8578e3e855f1f99803fb18&r=Cid1YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEyAh0eOAI=&gdpr=&gdpr_consent= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-abc49f6c-1781-3cb5-a1e1-ec6e77536f31
Request Chain 408
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
Request Chain 410
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 420
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qVqIgvlXioeyDo6B-w2Q0a5c39SyXIyP-VczmBGO
Request Chain 421
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077481175515758965
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
Request Chain 436
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6685f683996d48458eb1972bc255fa2e HTTP 303
  • https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Request Chain 439
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1022322488938986752&gdpr=0&gdpr_consent=
Request Chain 440
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=92ECAA55306B4FD395D26EC89C178274
Request Chain 442
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D118381f6-8542-441e-8997-93e63d54d767-6555f875-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D118381f6-8542-441e-8997-93e63d54d767-6555f875-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D118381f6-8542-441e-8997-93e63d54d767-6555f875-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D118381f6-8542-441e-8997-93e63d54d767-6555f875-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D118381f6-8542-441e-8997-93e63d54d767-6555f875-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D118381f6-8542-441e-8997-93e63d54d767-6555f875-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=
Request Chain 444
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=61f9850ba7034904a6a79668bd7d6ffa HTTP 303
  • https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Request Chain 446
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=500845215933131403
Request Chain 447
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXxE7Kq_EAABTv7sfYQQ&expiration=1701342581
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
Request Chain 449
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 450
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 451
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f194886c-a459-4bca-b87e-fa585f8f6de2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 454
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFtILp1V2GFKdwBJi0JP504&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 455
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4296390461623842244&gdpr=0&gdpr_consent=
Request Chain 456
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg==&gdpr=0&gdpr_consent=
Request Chain 457
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7834643693 HTTP 302
  • https://sync.1rx.io/usersync/turn/8424738387417696243?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1e642822-578c-4c31-9f7e-c461572976c2-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
Request Chain 471
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSieDBFX19xk-PXYiqOH1TTbdkL5X4OA
Request Chain 475
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
Request Chain 482
  • https://ad.doubleclick.net/ddm/trackimp/N1595888.2664817TEADSCH/B30649609.380086671;dc_trk_aid=570662925;dc_trk_cid=203460367;ord=1700132980045;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1595888.2664817TEADSCH/B30649609.380086671;dc_pre=CIKLrfOwyIIDFaeJ_QcdOxcMOQ;dc_trk_aid=570662925;dc_trk_cid=203460367;ord=1700132980045;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 486
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSizt6dHOwGlhtpi5TioZh2LbIQBKB5g
Request Chain 487
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
Request Chain 493
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=500845215933131403
Request Chain 494
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9d726155-dce4-4d7f-b50a-496a4d8438bc&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=dc3c1384-0302-4d38-99dd-0a9e2e8a8312&ssp=gumgum2&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 495
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=8f827ad9-cf37-4959-9357-d1a0915d56cb
Request Chain 496
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8d088009-e5eb-4ede-5f07-e3c376857bf2$cell
Request Chain 497
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Z5MDfmNE2pdcEW6YUdmewv7GWAQNlKMHw_T7~A
Request Chain 498
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=443381ad-be1b-4ff1-8521-3fb3045f3de8
Request Chain 500
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9d726155-dce4-4d7f-b50a-496a4d8438bc&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_9d726155-dce4-4d7f-b50a-496a4d8438bc&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=CsLcpeFZxukIyenoxtIY&gdpr=0&us_privacy=1---
Request Chain 501
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=LT3Ny37GwtSv&ev=1&pid=558355
Request Chain 502
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1022322488938986752
Request Chain 510
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
Request Chain 512
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUZ9nAZfANXXa8siAXkIWk&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 515
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4067064112270208969257
Request Chain 516
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=e1e63cad-98b0-4e5b-8cb4-d8ba190edd68
Request Chain 518
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Request Chain 519
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVX4btzE3ScfCHXUwhjfswAA%265237
Request Chain 520
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b8a1d49d298f6c37e0b62b5d2edb130f
Request Chain 521
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 525
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1022322488938986752
Request Chain 526
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/500845215933131403
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP139Y10-G-4X8A?gdpr=0
Request Chain 537
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/79fa1d23-cc90-49bd-ad79-8a4547142217&partner_id=1010
Request Chain 543
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700132980794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CITC_vOwyIIDFdmh_QcdkewPSQ;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700132980794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 545
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/ddf51c3f-d747-4f91-b259-06a127b1ffff
Request Chain 546
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700132981546 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
Request Chain 548
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700132981546 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
Request Chain 549
  • https://pr-bh.ybp.yahoo.com/sync/teads/e749febd-847a-46f3-ae87-f65a1c76e7b9?gdpr=0&_t=1700132981546 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
Request Chain 552
  • https://idsync.rlcdn.com/474599.gif?partner_uid=e749febd-847a-46f3-ae87-f65a1c76e7b9_ch&_t=1700132981546 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJ2U3NDlmZWJkLTg0N2EtNDZmMy1hZTg3LWY2NWExYzc2ZTdiOV9jaBAAGg0I9_DXqgYSBQjoBxAAQgBKAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ08tgnOmRTApn5AARlw89I&google_cver=1
Request Chain 555
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1700132981546 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
Request Chain 556
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700132981546 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5 HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 558
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4296390461623842244
Request Chain 559
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 560
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE?pi=smilewanted&tc=1
Request Chain 562
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=4296390461623842244&gdpr=0&gdpr_consent=
Request Chain 566
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVX4b8Co5uYAALLE.8MAAAAA
Request Chain 567
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE&pi=gumgum&tc=1
Request Chain 568
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 576
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP139Y10-G-4X8A HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LP139Y10-G-4X8A
Request Chain 577
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700132982599 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
Request Chain 579
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700132982599 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
Request Chain 580
  • https://pr-bh.ybp.yahoo.com/sync/teads/e749febd-847a-46f3-ae87-f65a1c76e7b9?gdpr=0&_t=1700132982599 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
Request Chain 581
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1700132982599 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
Request Chain 582
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700132982599 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5 HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 587
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Request Chain 589
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Request Chain 590
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=500845215933131403&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Request Chain 591
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302015560856696985&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Request Chain 592
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQiACeXrTt5fB-PDdoV78g&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Request Chain 593
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARj48NeqBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEKVunaqEcBHuu7EAJZDIJDeqAQhwdWJtYXRpY7IBJDlmZGEyY2NjLWM4MzAtNDQ2ZC05M2U1LWIyYjA0OTc2MTU2NA** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=a56e9daa-8470-11ee-bbb1-002590c82437&expires=90&ssp=pubmatic&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Request Chain 594
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUebc8d0fe4a37436cb8740274a79f101d
Request Chain 595
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIWHhFN0txX0VBQUJUdjdzZllRUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAHXxE7Kq_EAABTv7sfYQQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1022322488938986752&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAHXxE7Kq_EAABTv7sfYQQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1022322488938986752%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1022322488938986752&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHXxE7Kq_EAABTv7sfYQQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHXxE7Kq_EAABTv7sfYQQ&gdpr=0&gdpr_consent=
Request Chain 597
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVX4dwAAD9xKHgBH
Request Chain 598
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 599
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Request Chain 600
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527489820076 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Request Chain 601
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1928991434768822063 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 607
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBL7WEwmRmuyyLeZXmXRcQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 609
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=441213302
Request Chain 610
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTI3ckM3eXp5MEdRTC1XZVlPLVlnNHRZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4296390461623842244&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 611
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUZ9nAZfANXXa8siAXkIWk&google_cver=1
Request Chain 613
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Request Chain 615
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Request Chain 617
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 618
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7b9a15fce07218b2&is_secure=true&networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHwf4wAoXdMQNqPB6nAAAAAAA&expiration=1700219384&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 619
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8640911169531480051&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Request Chain 620
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5a20b5b8-afad-4f61-9a02-e0ba66d3e4c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 624
  • https://um.simpli.fi/gp_match?google_gid=CAESEGdCnR-BMfx5m8PtciMvEIA&google_cver=1&google_push=AXcoOmTrGzLaPxGG5RaUHRnEzwFYWAyyTjycjBynrGbLrS5NxB8Cz823ciyxmNVChzkVR4mfndDbF8F6irkAgh0EbucQaWlVBWTVEu0ns2Wh5fNEFQqxUl6pjcCahuZqtuuvkGdRDYsXlBvIihiLGOWz2I4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92ECAA55306B4FD395D26EC89C178274&google_push=AXcoOmTrGzLaPxGG5RaUHRnEzwFYWAyyTjycjBynrGbLrS5NxB8Cz823ciyxmNVChzkVR4mfndDbF8F6irkAgh0EbucQaWlVBWTVEu0ns2Wh5fNEFQqxUl6pjcCahuZqtuuvkGdRDYsXlBvIihiLGOWz2I4
Request Chain 625
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEa_XsMy4T-c9xWeIQr2Tak&google_cver=1&google_push=AXcoOmQHK8hgMg-3yvYaOz17S4V-FnO7onB1QLLMT-t4GzJ3h9fEMtCseRjGf8XQ1KY5D1KUv0quyh8w45q8rYVpKS2MTX6c_nwat92FG-3rE8bbDRCNBRoEcT7hIWH2srbMjPkBTxxZex-Er1IuGjw5do6h HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853050275236&us_privacy=1---
Request Chain 626
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHI2vOALFewp05vPahu_XDA&google_cver=1&google_push=AXcoOmThk6oKG6lDMywSjBF4-EE_-u0FbSVaEeEl6PHPsMFGXp5vtoOJvY9yc2KsA_FdqjR-TUyCSmIjIyZJltqnzI6diaEcnza40YQTM0IcSwUgsuwJdsWfFTFIEHtEv7K-AHjMmMoSGrZ0n5UZAuwYEqtu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmThk6oKG6lDMywSjBF4-EE_-u0FbSVaEeEl6PHPsMFGXp5vtoOJvY9yc2KsA_FdqjR-TUyCSmIjIyZJltqnzI6diaEcnza40YQTM0IcSwUgsuwJdsWfFTFIEHtEv7K-AHjMmMoSGrZ0n5UZAuwYEqtu&google_hm=n9oszMgwRG2T5bKwSXYVZA==
Request Chain 627
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDmfZoBpz1KK_t9iNjGROE0&google_cver=1&google_push=AXcoOmRTzHT6O6iW-HpEil0PA-51OJKoV31aVkde0puR8-3s_FKIvDBRxm6qesUFWWRklv86ATzNKnp1CJ5LJTDDDk7O60IA9RtUbaSPZnCo7mYkxnygctL8ZOsloT0plpsZBFw2FOmoa9r20g1V__aU6kW0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRTzHT6O6iW-HpEil0PA-51OJKoV31aVkde0puR8-3s_FKIvDBRxm6qesUFWWRklv86ATzNKnp1CJ5LJTDDDk7O60IA9RtUbaSPZnCo7mYkxnygctL8ZOsloT0plpsZBFw2FOmoa9r20g1V__aU6kW0&google_hm=Q3NMY3BlRlp4dWtJeWVub3h0SVk=
Request Chain 628
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEI9D12HpEMVfjSzppSzUcQk&google_cver=1&google_push=AXcoOmTwrhU72n2poBIx6Q7QbCg7-r7F0IDfaUN_-hs34J2K-VqajYN6msERK0avafQ8EhLZobGy1VoarLzsoe_fTyHq8jLEiVyOefJgd70MGDuzvJgGM8u2OQOouPdiHo3yVqdnwFylYOuLY8BwxF3ChmGE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTwrhU72n2poBIx6Q7QbCg7-r7F0IDfaUN_-hs34J2K-VqajYN6msERK0avafQ8EhLZobGy1VoarLzsoe_fTyHq8jLEiVyOefJgd70MGDuzvJgGM8u2OQOouPdiHo3yVqdnwFylYOuLY8BwxF3ChmGE&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg%3D%3D
Request Chain 636
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP139Y10-G-4X8A HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LP139Y10-G-4X8A
Request Chain 639
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 666
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 668
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 669
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=500845215933131403&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 670
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302015560856696985&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 671
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQiACeXrTt5fB-PDdoV78g&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 672
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d337bda2-51e8-4b4e-a65f-fdf5eb876af4&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 673
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUebc8d0fe4a37436cb8740274a79f101d HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 674
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHXxE7Kq_EAABTv7sfYQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 677
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 678
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 679
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527489820076 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 680
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1928991434768822063 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 685
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 686
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PzngURhjbYhQQQVbbS%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d99fceed2ef8ed218612ab095010e81&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DkODCF8PzngURhjbYhQQQVbbS%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PzngURhjbYhQQQVbbS&gdpr=0&gdpr_consent=
Request Chain 688
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:92ECAA55306B4FD395D26EC89C178274&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 691
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0C12FB58-4C26-466B-B2C8-B7995E65D171&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C12FB58-4C26-466B-B2C8-B7995E65D171&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 692
  • https://pixel.onaudience.com/?partner=214&mapped=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5892852ade643e32/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d99fceed2ef8ed218612ab095010e81&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ea69bc13bddd5118 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e635e9c-ddae-423d-4113-094b60993d05&reqId=4adea766-e889-4f69-402f-9bf774a50935&zcluid=ea69bc13bddd5118&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHYSwSwIhgJNOnT-JVcnLYo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e635e9c-ddae-423d-4113-094b60993d05&reqId=4adea766-e889-4f69-402f-9bf774a50935&zcluid=ea69bc13bddd5118&zdid=1332
Request Chain 694
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 695
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=642d2224ec5716e6&is_secure=true&networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIxg0zRQuDdwNEMUo6AAAAAAA&expiration=1700219386&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 696
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8640911169531480051&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 697
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5a20b5b8-afad-4f61-9a02-e0ba66d3e4c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 705
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=452515956

714 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
www.bg3.co/a/ 		56 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e0d64417e99288a467e80a25705af879a88834f01e98bd76406d18a135177158

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 11:09:29 GMT
etag
"dfc2-pUFXYYB8YdnBxMo+0sdnr9dIA40"
expires
Thu, 16 Nov 2023 11:10:29 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 16 Nov 2023 11:09:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 16 Nov 2023 11:09:30 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 16 Nov 2023 11:09:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 16 Nov 2023 11:09:30 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
30551997de2481542a5b34e1a2c911d560820b78be586a71066ff2749aec54bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31451
x-xss-protection
0
server
cafe
etag
554 / 19677 / m202311090101 / config-hash: 12061389886161084213
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:30 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
aec10ac8a752c26226659e6945ce83abf31ab91b223f7ae82d813bac6820c559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91445
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 11:09:30 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2023 18:30:12 GMT
server
cloudflare
age
23589
etag
W/"65550e34-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
826f48379b400e17-MXP
expires
Thu, 16 Nov 2023 16:36:21 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 12:09:30 GMT
date
Thu, 16 Nov 2023 11:08:30 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Thu, 16 Nov 2023 07:59:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/ 		750 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
d23d438ca954c26fbff379654b9f2c749f03f970d70fd7f57d3b5a825a68d8ec

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
br
age
21393
x-cache
HIT
x-client-device
desktop
content-length
158260
x-ap-device
DESKTOP
last-modified
Wed, 15 Nov 2023 23:57:17 GMT
server
ECAcc (frc/4CC5)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Thu, 16 Nov 2023 12:09:30 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e70cf57c3f90fb7881336a15e6e24bbb547cc47f0c249c3490c563238c786cbd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
aEJEmpG1X.K4y3doVW1NagxuPFQ9AYQg
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:30 GMT
x-amz-request-id
WJH838PMX89ME12C
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
11
x-amz-replication-status
FAILED
content-length
57133
x-amz-id-2
v6D8AzuAxdlfot+USyW23DdSx2WabiwoiHJDQaHpNIqJIy8IPKZlO2SlHpifa72ofMsx3SvEvgM=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 11:09:30 UTC
server
nginx
x-timer
S1700132970.113758,VS0,VE45
etag
"ae3ad445d409404ce5e2b9e6a8412009fdebdbe3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
20
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13536
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNlO3JLkG3%2F%2BiizEDl%2B1qB5TEsnSIXAtIPlqBSHWFeI7EZiaqYdWYtLdRIr%2F7VlKd17ki%2B0UY%2FEaow5VEPfeHLe6CBYDQli4D6uh9X8zkYIpzhCf%2B7qUX4QNYAxrPxxBjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
826f483dbe300e57-MXP

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
impl.20231115-12-RELEASE.js
cdn.taboola.com/libtrc/ 		818 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
db60bd4316f03fa5ff95c6b9ac540005378b4b4909770de9deb5052a677fa201

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pCyJ5O4SbLD5gEBWOwMFKXnMy2_VNl8u
content-encoding
br
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:30 GMT
x-amz-request-id
4EM6ZY7HF23V99Q6
age
23926
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173416
x-amz-id-2
KFe9Un0N9x70+HufPkg0X9ImFxxHgnKpvzROowjpsqcuLMBeVaNSu+E4Tmd7ojD1IFU3X6Og5LQ=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 15 Nov 2023 12:21:51 GMT
server
AmazonS3-br
x-timer
S1700132970.292400,VS0,VE0
etag
"6dc53d06db9b19a6f34f516ced53769d"
vary
Accept-Encoding
content-type
application/javascript
abp
32
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
79197
t.php
c.statcounter.com/ 		192 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=818BA6A827164F56B6AB7E584B8ABE9D&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&t=%E9%BB%83%E5%AD%90%E4%BD%BC%E4%B8%8B%E6%A8%99%E9%81%AD%E5%8F%96%E6%B6%88%E8%A8%82%E5%96%AE%EF%BC%81%E8%A2%AB%E8%B3%A3%E5%AE%B6%E8%A6%81%E6%B1%82%E9%87%8D%E8%A8%82%E2%80%A6%E4%B8%80%E7%9C%8B%E5%83%B9%E9%8C%A2%E6%BC%B25%E5%80%8D%EF%BC%9A%E7%9C%9F%E7%9A%84%E6%9C%89%E9%BB%9E%E9%81%8E%E7%81%AB%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=3649&sc_rum_e_e=3653&sc_rum_f_s=0&sc_rum_f_e=3606&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
826f48388c6b0e17-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4894870
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-etou8220072-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700132971.823812,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 550089
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
250872
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		75 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=12%3A09%3A30.465&lti=deflated&data=%7B%22id%22%3A859%2C%22ii%22%3A%22%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700129123224%2C%22vi%22%3A1700132970462%2C%22cv%22%3A%2220231115-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%22%2C%22vpi%22%3A%22%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3320%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1824.40625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17d13b26cae2b73a148a8de81b6222b248beb5c183618c4a323aed8f128d3f07

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
420
date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.7179166666666666
x-fastly-to-nlb-rtt
68935
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1700132971.549999,VS0,VE420
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/palmate-bg3co/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
7dac779a72d52754de2ceaf13886cd5c.jpg
static.bg3.co/imgs/202309/ 		0
0
e2c42b0dd9ecca15b12e7114b50a193f.jpg
static.bg3.co/imgs/202309/ 		0
0
9ef59ff42edee3c93a3bc5c7611bbdfc.jpg
static.bg3.co/imgs/202111/ 		0
0
31e22c7f8a38776fa9669c5894341ae2.jpg
static.bg3.co/imgs/202012/ 		0
0
c27c99e29db03ae00991044c59702901.jpg
static.bg3.co/imgs/202309/ 		0
0
c88e5669501730c3a9632cbaa24321c2.jpg
static.bg3.co/imgs/202106/ 		0
0
45f721fd326e21dd1011476d4d985a77.jpg
static.bg3.co/imgs/202309/ 		0
0
a7792d04144cf935b1101f732f47192c.jpg
static.bg3.co/imgs/202105/ 		0
0
2943441f9b9b1aad7662508621f04918.jpg
static.bg3.co/imgs/202108/ 		0
0
a56eb05d6e7d08f2c4ae6e6b9b08b136.jpg
static.bg3.co/imgs/202109/ 		0
0
dd00dc76f6c9dc3380ef262495d00bd2.jpg
static.bg3.co/imgs/202105/ 		0
0
f829dd9d407af708f6e1310d1adcc7ea.jpg
static.bg3.co/imgs/202105/ 		0
0
03084efdaee0d5edeb3788cbb20b571b.jpg
static.bg3.co/imgs/202204/ 		0
0
3e5e70f86ad159db4807c6eafa088348.jpg
static.bg3.co/imgs/202309/ 		0
0
1c85b04da5e7ad99b6129c44ffc41137.jpg
static.bg3.co/imgs/202106/ 		0
0
c3f1723ad73cffb0bb2b3a8a5cf963af.jpg
static.bg3.co/imgs/202107/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 21:06:44 GMT
age
136967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 21:06:44 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 21:06:44 GMT
age
136967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 21:06:44 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700132969829&gcd=11l1l1l1l1&dma=0&cid=1685989450.1700132971&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700132970&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=%E9%BB%83%E5%AD%90%E4%BD%BC%E4%B8%8B%E6%A8%99%E9%81%AD%E5%8F%96%E6%B6%88%E8%A8%82%E5%96%AE%EF%BC%81%E8%A2%AB%E8%B3%A3%E5%AE%B6%E8%A6%81%E6%B1%82%E9%87%8D%E8%A8%82%E2%80%A6%E4%B8%80%E7%9C%8B%E5%83%B9%E9%8C%A2%E6%BC%B25%E5%80%8D%EF%BC%9A%E7%9C%9F%E7%9A%84%E6%9C%89%E9%BB%9E%E9%81%8E%E7%81%AB%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3989
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
924
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 10:54:06 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5330766
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-etou8220072-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700132971.823804,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 527
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2954177320407704&correlator=3740775735817672&eid=31079659%2C31079666%2C31079671%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700132970793&lmt=1700132970&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1685989450.1700132971&ga_sid=1700132971&ga_hid=611753072&ga_fc=true&dlt=1700132969807&idt=946&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fc80c9d5645e0ef906b6779f9e06c45ede4091c727006669e0cd888eb69410c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12902
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:31 GMT
expires
Fri, 15 Nov 2024 11:09:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		631 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1700132970907
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 15 Nov 2024 11:09:30 GMT
date
Thu, 16 Nov 2023 11:09:30 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
7863246
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
view
securepubads.g.doubleclick.net/pcs/ Frame DB92 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNvs3V5aPKsBlOnWUJadUmUjJ8VerAVXpr-c_3pyOTJlJfC44GW3z3mOWhOOuMHrf_rQweCBM64ze77ifmLNW2NhZ45UOkyjGgo_hilnrSWRPwGswphW6OdwHDgt6DpCGjOS3hpuSjVcKK7yBX8qPgId_FfOTulg3vLagfoY3y6a9QQWBKg5yPmBVSpowfRq9pO1TKPA8f2FBGPyYirN1pXZIjfMnQYm2zQV3faIp-8jalmpdXWyKVwpQU4djwT93oOQusOFDL6u5fQV9OiPeXhbUr1pg6mW3bcaYXq-7p5hA6BQ36yZvrbR1jJ3eIzq4eXw&sai=AMfl-YTGy5AmaD-Jt72NRARATxXWR7CGd1632zW33EGjLrQlJ-IKARp62Ul1YjCj2sEhbkWBvLJGFbfoZaRXKrW7yvHxTdF1OzxZc5aJcomeuoliFFWfA-y1WChMk77rq9aV2spP1K2a7qI_5LhINdHRV-Vq&sig=Cg0ArKJSzAvENLghww7VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 11:09:31 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:31 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:10:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6555dc90-66a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 16 Nov 2023 12:09:31 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DB92 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:31 GMT
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8E) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 16 Nov 2023 11:09:31 GMT
content-encoding
br
age
1131437
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (frc/4C8E)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 11:09:31 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 16 Nov 2023 11:09:31 GMT
content-encoding
br
age
6306790
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (frc/4CD4)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 11:09:31 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.156.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-156-160.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Nov 2023 11:09:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Thu, 16 Nov 2023 11:09:31 GMT
content-encoding
br
age
5419587
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (frc/4D07)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 11:09:31 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAxMzI5NzEwNzYsInBhY2tldElkIjoiMDAwMEE3MDEtYzViNTVhYTgtNzM0Ni00YzUzLTgzNDAtZWFiNGEwNTJiYjhiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YW5nLXppLWppYW8teGlhLWJpYW8temFvLXF1LXhpYW8tZGluZy1kYW4tYmVpLW1haS1qaWEteWFvLXFpdS16aG9uZy1kaW5nLXlpLWthbi1qaWUtcWlhbi16aGFuZy01YmVpLXpoZW4tZGUteW91LWRpYW4tZ3VvLWh1by5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=4446.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:31 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:31 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
floating-unit.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c3996bd8ed0671b55614c005c16d872f3e18abfeb6a7df5c4054c0bc1f7014d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vZWQXGLHb5Ha7bKifVdPohfFtEbYG4Uw
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:31 GMT
x-amz-request-id
HY55G1EVEBX83TA2
age
2059
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2494
x-amz-id-2
IOUgU4tMVdaCXE8Sq00HrOUn0W/eJ9nhu8Z2n7xYS+d3TDoAvlyVhXbS95ik7q8smW79kFdeWYw=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:13 GMT
server
AmazonS3
x-timer
S1700132972.860065,VS0,VE0
etag
"6218db46527c87ab28ccbce82e24834a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
470
taboola-vignette-new-scanning.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55e660b30aad3334068c80b8905331158b276816c5e996461cc862343733e09a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4rwG9kSu0i0eEAJpTK0roOu1w4fl4.rl
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:31 GMT
x-amz-request-id
BJ2KRC8CV3F3A8YD
age
2040
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8020
x-amz-id-2
OxNwyuQ1H7EVKUSxEJESvZTFD8GCDFao+61QkIQKOQvYZnraQIdz/NRzuQAVmh8OB6bk0SoDNgo=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:32 GMT
server
AmazonS3
x-timer
S1700132972.860081,VS0,VE0
etag
"f093c7913dc199816a808dc2f7de011b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
323
distance-from-article.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cda9e4909bacdb4c016d9687cede6656613b0afe807e9c404fad0c1ea419d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fHQ2sYlJpKH87E1ObSLT3aip89r4k9kb
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:31 GMT
x-amz-request-id
4DYDZY8TAVQBQKVC
age
2069
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
brB28maopzptAbHNzSMfRVFwgrs6cSfCBXOqE3JXdSVDy/q0NpVYF1mu4mxX6BG42RgZB9Fwg2M=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:03 GMT
server
AmazonS3
x-timer
S1700132972.877484,VS0,VE0
etag
"2e4237e34e6d0b28273a2b3b84ac609d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4896
article-detection.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cd81723c91999c9c329827a042e8a4f4060c0698696be432d02bc9c3a59ec9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2r7iHu.dFi7bQnDhZnsXRGcvtDWmL74r
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:31 GMT
x-amz-request-id
3SFFRJ781Y5F3TAF
age
2076
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
qxur0hGMvpvfrXzKkFuyxgm5J4sL5VqA9At+YlRwWMwt889oY2msMfrl44ponGc69Jx/KTpr4CI=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:34:56 GMT
server
AmazonS3
x-timer
S1700132972.877473,VS0,VE0
etag
"0fd55f89de0cc13625351bf849830eff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4923
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.7/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:31 GMT
via
1.1 f192553c835240a9b5df520fb7ffd876.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
180985
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35262
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Tue, 14 Nov 2023 08:52:22 GMT
server
AmazonS3
x-timer
S1700132972.989101,VS0,VE0
etag
"acbf4feb7c49eb33282548b433b4476b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Jo5l-Lqg8vP3PvPYFHU-4aF9JButzd_bIlasCp5HILfOA__dzXaDuw==
x-cache-hits
33541
feed-card-placeholder.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e75db1bd89b64a9d895f582c4371a3d45f7b322e94e989885c713eaf62e9ff5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MEPyNLrbQusfnDEvkrSKdx6kLFGyAwjk
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:31 GMT
x-amz-request-id
9JB4SCDDPY1WHVTY
age
2064
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
RWvvUk/U2HwhPO6lYMt4CUQuecHoN9hhpQXQ08bH3xnfdooFbQsqxWyMiAgJNJE7h6Wlv6PDz6M=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:08 GMT
server
AmazonS3
x-timer
S1700132972.892447,VS0,VE0
etag
"adfab50f6213f059b49fb054b34d3bff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4451
userx.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
070860f42ab61a7571754d4ce072a13fb2250e2e731da83e729529c88481628a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MtUWJaoQBlOGADTENtNUdA2D7ZdaHdoD
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:31 GMT
x-amz-request-id
794JZV645VSQVAHH
age
2036
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
2w+47tnrtH8LV/kVqx9glsfsSYn4iEchckkpRhXBWTBv+B7yaRhHp1Tqwy4/yam6T41BV1AqLy4=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:36 GMT
server
AmazonS3
x-timer
S1700132972.907411,VS0,VE0
etag
"60901c23766bd0299c589e0b5d2d761f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
18
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1482
explore-more.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b3bd6344a360847d4c1cd39e1d760861422fd06f852fe063abd34fa74fce99e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Oxbe_TmKGPa17hiIGZXFTac5CFnm.usk
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:31 GMT
x-amz-request-id
2XKRWWQ0VXJV68CW
age
2066
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7707
x-amz-id-2
QQgW3iSnxK4C236hwqJJq9jWQAcrSw7Rj/x6a4Eh3i1/IvvhSknBfGILXgaUvB8Wqb728ZrIIBI=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:06 GMT
server
AmazonS3
x-timer
S1700132972.963917,VS0,VE0
etag
"162f48ac2eeea8ef8ec82a0205d8df6b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1978
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=12%3A09%3A31.816&id=7028&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700132971818%7D&tim=12%3A09%3A31.818&id=5942&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700132971830%7D&tim=12%3A09%3A31.830&id=4546&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A09%3A31.935&id=9793&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A09%3A31.942&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=7642&cv=20231115-12-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40694
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A09%3A31.944&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=664&cv=20231115-12-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40694
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A09%3A31.952&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7065&cv=20231115-12-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40694
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A09%3A31.954&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5350&cv=20231115-12-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40694
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A09%3A31.961&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9595&cv=20231115-12-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40694
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:32 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
3
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1700132972.999896,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
33
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
4
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=9598&tvi50=11075&route=AM%3AIL%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
profile%3Aezone-teaser940x528
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_885%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6... 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_885%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7454471a762e5b490179ed541bb8e7158c6369661251e54203c2220fedad8af5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_885%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
age
1910542
edge-cache-tag
332148772397168287270586239145648000460,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
332148772397168287270586239145648000460,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
755
req-referer
https://www.aerotelegraph.com/
content-length
103316
x-request-id
6e978b31ecf79a11c5467207f87441c0
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200029-IAD, cache-iad-kcgs7200029-IAD, cache-lga21966-LGA, cache-iad-kcgs7200061-IAD, cache-fra-eddf8230085-FRA
last-modified
Tue, 24 Oct 2023 13:38:36 GMT
server
nginx
surrogate-reporting
width=705,height=529,bytes=59299,owidth=940,oheight=529,obytes=98579
x-timer
S1700132972.095249,VS0,VE2
etag
"c03933be4f1cb8f12999bfa3428b9ef1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 4, 1
profile%3Aezone-teaser940x528
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6D... 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62b67fe02b0cba2ac38d051cf168d3a25bf2d3765e5fb7d2fa792c9b74c3a5ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
age
1672720
edge-cache-tag
332148772397168287270586239145648000460,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
332148772397168287270586239145648000460,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
511
req-referer
https://www.tag24.de/justiz/gerichtsprozesse-muenchen/8500-euro-fuer-heli-einsatz-wanderin-muss-selbst-zahlen-und-klagt-2992640
content-length
53184
x-request-id
62ff7cf9966e0b68e6db7ee7607792e5
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200105-IAD, cache-sna10720-LGB, cache-iad-kcgs7200032-IAD, cache-fra-eddf8230085-FRA
last-modified
Tue, 24 Oct 2023 13:38:36 GMT
server
nginx
surrogate-reporting
width=920,height=460,bytes=67252,owidth=940,oheight=529,obytes=98579
x-timer
S1700132972.115514,VS0,VE1
etag
"21a6d0018bfe7775779604a84e3df3fd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
72b4885f70b55eff9e0ea334d56db5a6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3207a651a4545228753e075c04a7de1c31465486fcbefece815b3bb4a07b217

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
age
2532279
edge-cache-tag
584044035095160462806265021726578545844,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
584044035095160462806265021726578545844,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
105
req-referer
https://www.karlsruhe-insider.de/
content-length
15484
x-request-id
86af05c47b7721e22041dee5f5098c2d
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100137-IAD, cache-sna10750-LGB, cache-iad-kiad7000031-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 08 Sep 2023 06:35:15 GMT
server
nginx
x-timer
S1700132972.133909,VS0,VE1
etag
"1fdebd550ec6c3b9359e80c87f0d78de"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 22, 1, 99, 1
8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d26e201c5bf921cce628506e3d6b7d9645e6001d7b94d169d468249a43421f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
age
3738508
edge-cache-tag
438378630997508548517438721481607029344,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
438378630997508548517438721481607029344,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
735
req-referer
https://www.t-tapp.com/does-having-a-rotten-tooth-hurt/
content-length
10784
x-request-id
22feb11b254e2d075fcde1ade08db167
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kjyo7100178-IAD, cache-iad-kcgs7200072-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 07 Sep 2023 07:10:03 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=16026,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700132972.133860,VS0,VE1
etag
"62fd0b04b6800b3d86bda697925731cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
2369446f435814c2884566242ca9cebe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a639d642577d83b578d46429d9d66c0b6d4d577ed25b75a2fd8699af9d0ca67b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
age
1839311
edge-cache-tag
563848386788618383252994488150488470583,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
563848386788618383252994488150488470583,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
359
req-referer
https://www.gazzetta.it/
content-length
73928
x-request-id
b0ddf58c5871875bd0c41f4e69b4ed7d
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100175-IAD, cache-iad-kiad7000156-IAD, cache-lax10642-LGB, cache-iad-kjyo7100114-IAD, cache-fra-eddf8230085-FRA
last-modified
Sun, 06 Aug 2023 16:26:39 GMT
server
nginx
x-timer
S1700132972.209439,VS0,VE2
etag
"d2dd95575000b12e2e96d305c6e2c72e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 15, 1, 11, 1
nYim6X6SYHYMpRj.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d52df9fabaed1fef20e9bcacbdafdaa0d0f6d07ef28c580fe47c0f14a0053ad3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/nYim6X6SYHYMpRj.jpg
age
2504370
edge-cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338166782886888119765135496302646930728,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
321
expiration
expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lefigaro.fr/
content-length
9756
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kjyo7100076-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230085-FRA
last-modified
Mon, 21 Aug 2023 16:40:54 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=625,obytes=103339
x-timer
S1700132972.226482,VS0,VE1
etag
"0adc8ec46c2767904c6ee865def1f1ec"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3757, 1
fdd473ac-765c-434e-8c45-743b68ff6185__VHB1DvZe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/fdd473ac-765c-434e-8c45-743b68ff6185__VHB1DvZe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e95e83b5511380e64e27dc441f07683384d215e8b071ce5060e40749cf2d958a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/fdd473ac-765c-434e-8c45-743b68ff6185__VHB1DvZe.jpg
age
3831978
edge-cache-tag
563119329788606364261683097547806832532,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
563119329788606364261683097547806832532,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
71
expiration
expiry-date="Fri, 29 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://eat.de/
content-length
4826
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200129-IAD, cache-iad-kiad7000098-IAD, cache-iad-kjyo7100154-IAD, cache-fra-eddf8230085-FRA
last-modified
Tue, 29 Aug 2023 22:18:48 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=2292,oheight=1199,obytes=119911
x-timer
S1700132972.226472,VS0,VE1
etag
"b9c31f6963ba8d68d0a8202d1a31abb4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 96, 1
profile%3Aezone-teaser940x528
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6D... 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
398de2685f4d09e875b1de6d1778799533939abb8addedd5a4a378ee028dca6c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
age
1914503
edge-cache-tag
332148772397168287270586239145648000460,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
332148772397168287270586239145648000460,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
208
req-referer
https://www.t-online.de/
content-length
83378
x-request-id
c9a4b90b8197cc970fb9758d739b8e6f
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000059-IAD, cache-iad-kiad7000147-IAD, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230085-FRA
last-modified
Tue, 24 Oct 2023 13:38:36 GMT
server
nginx
surrogate-reporting
width=940,height=522,bytes=79296,owidth=940,oheight=529,obytes=98579
x-timer
S1700132972.226433,VS0,VE1
etag
"5d86a311ee5b6befcb3c39b3ea8fb0ba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
2369446f435814c2884566242ca9cebe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff70c81520c4bd3cd8abbf416b2443c06c45034d6145bde572c58b5fb334a919

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
age
2655989
edge-cache-tag
563848386788618383252994488150488470583,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
563848386788618383252994488150488470583,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
351
expiration
expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
81864
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200129-IAD, cache-iad-kiad7000081-IAD, cache-iad-kiad7000147-IAD, cache-fra-eddf8230085-FRA
last-modified
Tue, 22 Aug 2023 06:58:47 GMT
server
nginx
x-timer
S1700132972.279354,VS0,VE2
etag
"a599b677e80328771b63771ec4703ad5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 268, 1
72b4885f70b55eff9e0ea334d56db5a6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
286551a894e8d9f3b27fb3c86d432b0ad3d33695b0056b2300457d13f9ebde76

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
age
2532279
edge-cache-tag
584044035095160462806265021726578545844,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
584044035095160462806265021726578545844,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
213
req-referer
https://www.kicker.de/
content-length
36706
x-request-id
86af05c47b7721e22041dee5f5098c2d
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100137-IAD, cache-lax10623-LGB, cache-iad-kiad7000062-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 08 Sep 2023 06:35:15 GMT
server
nginx
x-timer
S1700132972.311415,VS0,VE1
etag
"1fdebd550ec6c3b9359e80c87f0d78de"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 22, 1, 16, 1
8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
age
1760477
edge-cache-tag
438378630997508548517438721481607029344,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
438378630997508548517438721481607029344,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
749
req-referer
https://www.t-online.de/
content-length
33638
x-request-id
956b8b2f454acd0d5157a8ef2fb1201e
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000118-IAD, cache-iad-kjyo7100035-IAD, cache-sna10725-LGB, cache-iad-kjyo7100023-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 07 Sep 2023 07:10:03 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=48351,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700132972.323247,VS0,VE1
etag
"3bb4cf0d908a96cab5dd4873ba3cea84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAxMzI5NzIxMjYsInBhY2tldElkIjoiMDAwMEE3MDEtYzViNTVhYTgtNzM0Ni00YzUzLTgzNDAtZWFiNGEwNTJiYjhiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YW5nLXppLWppYW8teGlhLWJpYW8temFvLXF1LXhpYW8tZGluZy1kYW4tYmVpLW1haS1qaWEteWFvLXFpdS16aG9uZy1kaW5nLXlpLWthbi1qaWUtcWlhbi16aGFuZy01YmVpLXpoZW4tZGUteW91LWRpYW4tZ3VvLWh1by5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=5500.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAxMzI5NzIxNDEsInBhY2tldElkIjoiMDAwMEE3MDEtYzViNTVhYTgtNzM0Ni00YzUzLTgzNDAtZWFiNGEwNTJiYjhiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YW5nLXppLWppYW8teGlhLWJpYW8temFvLXF1LXhpYW8tZGluZy1kYW4tYmVpLW1haS1qaWEteWFvLXFpdS16aG9uZy1kaW5nLXlpLWthbi1qaWUtcWlhbi16aGFuZy01YmVpLXpoZW4tZGUteW91LWRpYW4tZ3VvLWh1by5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=5515.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAxMzI5NzIxNTIsInBhY2tldElkIjoiMDAwMEE3MDEtYzViNTVhYTgtNzM0Ni00YzUzLTgzNDAtZWFiNGEwNTJiYjhiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YW5nLXppLWppYW8teGlhLWJpYW8temFvLXF1LXhpYW8tZGluZy1kYW4tYmVpLW1haS1qaWEteWFvLXFpdS16aG9uZy1kaW5nLXlpLWthbi1qaWUtcWlhbi16aGFuZy01YmVpLXpoZW4tZGUteW91LWRpYW4tZ3VvLWh1by5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=5522
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		159 KB
54 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2954177320407704&correlator=551341571854198&eid=31079659%2C31079666%2C31079671%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&arp=1&abxe=1&dt=1700132972169&lmt=1700132972&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1685989450.1700132971&ga_sid=1700132971&ga_hid=611753072&ga_fc=true&dlt=1700132969807&idt=946&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_3_0_pv%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_2%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_2%26faid%3Dfalse%26adro%3Dv8_e&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b1b0a19f09c2c743c8eeb54a2d035612247696c5252a09204dec84b6f2535861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55394
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 14:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
75427
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 14 Nov 2024 14:12:25 GMT
truncated
/ Frame DB92 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee10001dcbae3bc77f254477f183d1c582e1e4b4bb4ba669f1fe329d86a329d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DB92 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRMFc2RbOBUeVzC6_pyuRnMbPJaIIH4kO2AKHbZxU8r3Aj2P4JhyIM2VrImu4NPFncrFSUnkdHtbTdmfUoj1wF7qaR84M5OtwNcIiwE47lm3iIKPnm9OJUiZx2qb5Af16LeU0SKUyLB4rdkN5lmunYCTqRxdnbf1YooLQwx6G9zvAAVGv87g3ot0QVij0oD6aIWP7zi59S8d_6MH2nXev0tKGeLN5RxEwWufP42DdXC7D67BdxXOD6VEKk-sjydnO5UxkZhwRDHQHXb2ZNxMGFWqjWsQAJmrONJDbEM-G1hp1ZKIzPzLfmkUaxByZ4cY8MfrHd&sai=AMfl-YRiUqbM0zS-G8FZA64souPKdJrDfAJr3lUca2uA8rGIT36eUxkt5J2c2ycj1tyYzO7pm7E8nQMAMYZJTF0C2cXzEskdvZaVuwnAiAE6c-q2bil5q0d1S1oEbb0-XSUMvmiaVfoy-g7fdjKxaXrLIvvL&sig=Cg0ArKJSzJudEzfj7K7kEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 11:09:32 GMT
impress
ad.vidverto.io/delivery/ 		57 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&referrer=&async=1&uid=5521046866&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
af7dad7da0187a329e1a4f0e68c6262ffbec1f3269121adc006ec3205fbefa4c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1613
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bE1ZA3U8WNTEDvJi2VvcWKfC%2BpyIryaTouJoMpNFSzZr9snry9Dwi2L9soHsxCOpXDeaHHErbor%2FBCf8H2bETxsK5LsEfnx1LHayv6QqA9MXCat0FpCvlkvtIvXLehBltA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
826f48452fe70e57-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a77c26c4f8ea30390eca297f72d5fbd7853e3b2464c7a5fc8d461af330bd15ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:32 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAxMzI5NzIxMjYsInBhY2tldElkIjoiMDAwMEE3MDEtYzViNTVhYTgtNzM0Ni00YzUzLTgzNDAtZWFiNGEwNTJiYjhiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2h1YW5nLXppLWppYW8teGlhLWJpYW8temFvLXF1LXhpYW8tZGluZy1kYW4tYmVpLW1haS1qaWEteWFvLXFpdS16aG9uZy1kaW5nLXlpLWthbi1qaWUtcWlhbi16aGFuZy01YmVpLXpoZW4tZGUteW91LWRpYW4tZ3VvLWh1by5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=5713.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.3428574322299449&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231116
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a18ffbf77cf4d3bc8539b189e1aea2530e9a698a37b4de6089e6d6224c2ca830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25719
x-jsd-version
1.0.1875
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-L0Ljb9SbZP21vRYLf3HdNCXma8E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FlJxUpy%2By9ZG8v7XUjDKdUQ2TBlvqpLlRVhkUGY0yISixo%2BPwgHIy28Ntt1wME%2FhUB517knnczwiwzjACIWyqeP%2B%2B7FGTPZvd1eF%2FVAD%2FYOMA7Q2D%2FGbSgTJHra06fADls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
826f48491e7822bd-CDG
c
prebid.a-mo.net/a/ 		0
0
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
826f48480db80e1a-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
pbjs
htlb.casalemedia.com/openrtb/ 		35 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbbb39f2306e785c1345acd03e022f07da5db2758c7600b67e7c6795262c4bd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuZyXeeJG4T0uGQ%2BukXcHuwTh59ASLxpfP0bwQH4vkHwe5lCcDz1CcZ4bDNOgjyuFH8F3g%2FBP9RHU1VWLIL1nZqVNNxMmaLQZz262yo%2FCo4p8VcAWbBUYju%2F5SCsh0C%2FuCKW6NWH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
826f48483a460229-ZRH
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		35 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbbb39f2306e785c1345acd03e022f07da5db2758c7600b67e7c6795262c4bd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jd%2B%2B48O6bn1dF9%2Bhsboq6aaFuklWAybkbtZL8aqCSd5DCzU2j1u3pLXheNYtopi9BW%2FVRtZs07f3aCvXWbd16b8QTBBAI0F6RmgkobXIZGsa5g%2B%2FFlixd5tiCnxYVFJgGaxRHqud"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
826f48483a400229-ZRH
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
fce0729cefb1d3a0113502c42e8bf3625974f73a3fb61912a668f99fa4f1fbeb

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		464 B
968 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=2c4219bf-0a64-43c4-813b-e4dc5de0ea0c%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E9%BB%83%E5%AD%90%E4%BD%BC%E4%B8%8B%E6%A8%99%E9%81%AD%E5%8F%96%E6%B6%88%E8%A8%82%E5%96%AE%EF%BC%81%E8%A2%AB%E8%B3%A3%E5%AE%B6%E8%A6%81%E6%B1%82%E9%87%8D%E8%A8%82%E2%80%A6%E4%B8%80%E7%9C%8B%E5%83%B9%E9%8C%A2%E6%BC%B25%E5%80%8D%EF%BC%9A%E7%9C%9F%E7%9A%84%E6%9C%89%E9%BB%9E%E9%81%8E%E7%81%AB&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=a47ef0db-25e0-4f94-81af-19922be34ec7&l_pb_bid_id=14ad396e350271e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a47ef0db-25e0-4f94-81af-19922be34ec7&rp_maxbids=1&slots=1&rand=0.2833554833447256
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d037de0cc751ff094727a51e633c4b6be6021fa02ff4cf48d677158cbfcb05db

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
464
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.207.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-207-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
accept-ch
sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=70499046313&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 16 Nov 2023 11:09:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d86e2b7519aa62cce700c8766e13cef1088fe8a4159abcb83cadee86699e94b3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 11:09:33 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
70faa8a3106b32300aeade7a3f39e87e92b777b0bc31fa7c8514c730b2edfc26
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
an-x-request-uuid
cf3d20cc-0166-4453-833e-a2a6c876626f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
28
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
11
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid-request
onetag-sys.com/ 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
bfcff0afb703192ec86eb0a3f6f7dd786381997a5af6a9731dd97df6137dcd79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
4104
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebidjs
rtb.openx.net/openrtbb/ 		53 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
2c2f6f9490d297b317a366603ad1b268ae13555606f18dafc68c2569d91e1d04

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
2c2f6f9490d297b317a366603ad1b268ae13555606f18dafc68c2569d91e1d04

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
adreq
ads.servenobid.com/ 		592 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9534
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
63f830b2a5a39216e6e907ba7974b352d6b40a65368a5748fbaef20b0607e555

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.219.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-219-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
046c7a4ef42da70b08467c2d37701973f500b8a7e97732be65b3b6e27ddc82d5

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 16 Nov 2023 11:09:33 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bid-request
a.teads.tv/hb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11c76e582218e442391f05ce7c78c80755be2100325ddb1dec2dc05ac06880b2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
476
expires
Thu, 16 Nov 2023 11:09:33 GMT
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 23 Nov 2023 11:09:33 GMT
/
onetag-sys.com/usync/ Frame 97CC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
6f22e70f0121384d134fffed21418a6b55115ccfaa3bccf556187e3a8568248c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1436
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Thu, 16 Nov 2023 11:09:33 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 16 Nov 2023 12:09:32 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 16 Nov 2023 12:09:32 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=e1f92774e1475db659092738cadde3f0
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 11:21:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6554a9c7-161f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 16 Nov 2023 12:09:32 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 16 Nov 2023 12:09:32 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 16 Nov 2023 12:09:32 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=eb848c1b-cdc1-48fb-b186-57ac9bcafe30&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=eb848c1b-cdc1-48fb-b186-57ac9bcafe30&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=eb848c1b-cdc1-48fb-b186-57ac9bcafe30&p_id=23
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=4c4b5e78-4b85-4319-9c94-885ef85562d3&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=4c4b5e78-4b85-4319-9c94-885ef85562d3&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=9fda2ccc-c830-446d-93e5-b2b049761564&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=9fda2ccc-c830-446d-93e5-b2b049761564&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=9fda2ccc-c830-446d-93e5-b2b049761564&p_id=15
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
next-up-widget.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27d6ba134553745312d716620773c823abd0334a4d9f162d2cd24417d175e5b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4GT98e9Mx_BGTk7tmGeAauqJy93jVzJp
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:32 GMT
x-amz-request-id
SCM73KJ42JJCFEEA
age
2057
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4624
x-amz-id-2
bSU8kl6BD1AapOBUaeBPrEgP8Og5pAb1u7FnQ2XA0KCRCpoQMs6zJgSPRX1+zIVYuhKWn6pmMb8=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:16 GMT
server
AmazonS3
x-timer
S1700132973.779904,VS0,VE0
etag
"9c48823fc656e9b337ee802ba033acf8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
453
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2948%7D%22%2C%22eventTime%22%3A1700132972753%7D&tim=12%3A09%3A32.753&id=8177&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Thu, 23 Nov 2023 11:09:32 GMT
72b4885f70b55eff9e0ea334d56db5a6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
286551a894e8d9f3b27fb3c86d432b0ad3d33695b0056b2300457d13f9ebde76

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
age
2532279
edge-cache-tag
584044035095160462806265021726578545844,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
584044035095160462806265021726578545844,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
213
req-referer
https://www.kicker.de/
content-length
36706
x-request-id
86af05c47b7721e22041dee5f5098c2d
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kjyo7100137-IAD, cache-lax10623-LGB, cache-iad-kiad7000062-IAD, cache-fra-eddf8230085-FRA
last-modified
Fri, 08 Sep 2023 06:35:15 GMT
server
nginx
x-timer
S1700132973.810008,VS0,VE0
etag
"1fdebd550ec6c3b9359e80c87f0d78de"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 22, 1, 16, 2
8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 16 Nov 2023 11:09:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8b0d25bb-ea2a-4b95-a252-8bc366ada36f__X9F5lLLH.jpg
age
1760477
edge-cache-tag
438378630997508548517438721481607029344,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
438378630997508548517438721481607029344,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
749
req-referer
https://www.t-online.de/
content-length
33638
x-request-id
956b8b2f454acd0d5157a8ef2fb1201e
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000118-IAD, cache-iad-kjyo7100035-IAD, cache-sna10725-LGB, cache-iad-kjyo7100023-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 07 Sep 2023 07:10:03 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=48351,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700132973.809987,VS0,VE0
etag
"3bb4cf0d908a96cab5dd4873ba3cea84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.609375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A09%3A32.806&id=2595&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A09%3A32.933&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2184&cv=20231115-12-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
46079
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 09:26:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 11:09:33 GMT
spa-detector.20231115-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231115-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
426a6e209c2f680b4e2d5a54381eb2148143ef6fa5d161c309975e1870969e9c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jhZs0YIRmAE73Gd59tlESMeEAjFxidis
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:33 GMT
x-amz-request-id
RH9HG1FTZK2B4X0X
age
2050
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
GfpYuyjZJA2ZoNKJFa/egiXYrsyfGMlyYEctQhH8jvFWxSk+xFP4LEFCisZXs9Wg95jO4q1K/5o=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Thu, 16 Nov 2023 10:35:23 GMT
server
AmazonS3
x-timer
S1700132973.007353,VS0,VE0
etag
"b27baa9019f9edae55433938211f3e18"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
12
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2047
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A09%3A32.946&id=8608&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700132972948%7D&tim=12%3A09%3A32.948&id=8956&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A09%3A32.977&id=4185&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=9598&tvi50=11075&lti=deflated&ri=b8bfa1a0ca4cd7ad61a4617e2c71c06a&sd=v2_c97f0a54ada90cf74453db3bc0cd7539_dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea_1700132970_1700132970_CNawjgYQ2YJdGN6_yb69MSABKAEwKziy0A1At4gQSLCc3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&pi=/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&wi=8332376904320459836&pt=text&vi=1700132970462&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700132972979%7D&tim=12%3A09%3A32.979&id=8249&llvl=2&cv=20231115-12-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
container.html
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 172C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:31 GMT
expires
Fri, 15 Nov 2024 11:09:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BA36 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
297b2161f034edd0ac70974992f76110aef25e9dd1350e1afcf5449735b061d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10180
x-xss-protection
0
server
cafe
etag
18237407647168291986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:33 GMT
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=9598&tvi50=11075&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame AA6E 		714 B
615 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
13377
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
826f484aaee10e57-MXP
content-encoding
br
content-type
text/html
date
Thu, 16 Nov 2023 11:09:33 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMLk3qNxi7b8fP6f6vJbQLZ%2BbUGrFAad9OKOGWk0RyyrO4o1C6UjTJzh%2FrrVqaKKaE0f8O64%2BsARL7QdcjqUD1OGEV34R%2FEufIuW25qgGke3OTir5rglkaqzy0e97cvjzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3C81
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 11:09:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 16 Nov 2023 11:09:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/1d06a2b9-53cd-36ea-bdcb-8612e5fa2cc3?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-lDRzcWxE2oWxI855GN6GEaY4Ru3kR2UCUd7sSwU-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:34 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Thu, 16 Nov 2023 11:09:34 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=9598&tvi50=11075&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
86
date
Thu, 16 Nov 2023 11:09:33 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
69006
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1700132973.262544,VS0,VE86
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
img
sync.mathtag.com/sync/ Frame 97CC 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x27 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:33 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x27 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 16 Nov 2023 11:09:32 GMT
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LP139Y2T-26-72OR&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LP139Y2T-26-72OR&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LP139Y2T-26-72OR&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=500845215933131403
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=500845215933131403
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
an-x-request-uuid
7bedfb4a-3f89-4744-9717-1965f0821b44
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=500845215933131403
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700132973807061-341
tap.php
pixel.rubiconproject.com/ Frame 97CC 		42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 97CC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSau__StG33Teu3gVDe3_XPXsNlE-sVw
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSau__StG33Teu3gVDe3_XPXsNlE-sVw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSau__StG33Teu3gVDe3_XPXsNlE-sVw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1022322488938986752
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1022322488938986752
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1022322488938986752
date
Thu, 16 Nov 2023 11:09:33 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 97CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 97CC
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mnDCyDbfnTRAUffBjESs9sowWjAW5HlICxSTsgEr1q8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mnDCyDbfnTRAUffBjESs9sowWjAW5HlICxSTsgEr1q8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AQ4NQH1RHQ8XF0SJ2BF7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=mnDCyDbfnTRAUffBjESs9sowWjAW5HlICxSTsgEr1q8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEMxMkZCNTgtNEMyNi00NjZCLUIyQzgtQjc5OTVFNjVEMTcx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
date
Thu, 16 Nov 2023 11:09:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBr-d6rYF-De6p3kb2VjeJg&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBr-d6rYF-De6p3kb2VjeJg&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEBr-d6rYF-De6p3kb2VjeJg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-QlZGW8ZE2uEqgB5Sr_CPzgRR4faYhIQU4BHHl5w-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-QlZGW8ZE2uEqgB5Sr_CPzgRR4faYhIQU4BHHl5w-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-QlZGW8ZE2uEqgB5Sr_CPzgRR4faYhIQU4BHHl5w-~A
date
Thu, 16 Nov 2023 11:09:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 97CC 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 97CC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=9fda2ccc-c830-446d-93e5-b2b049761564&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fd...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=9fda2ccc-c830-446d-93e5-b2b049761564&r=https%3A%2F%2Fx.bidswitch.net%2Fsy...
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=79fa1d23-cc90-49bd-ad79-8a4547142217&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564
  • https://onetag-sys.com/match/?int_id=30&uid=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame 97CC
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc&p_id=5
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc&p_id=5
date
Thu, 16 Nov 2023 11:09:33 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
st
imprammp.taboola.com/ Frame 22F1 		422 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&cmcv=&pix=undefined&cb=1700132973292&uv=3358&tms=1700132973292&abt=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6ecfd590-fa4c-4ed8-87f4-55b725558a6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
518395e451c4563dcd1fb1b4504d05f84a007361cd66119b74e44102f97b9dc5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Nov 2023 11:09:33 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230085-FRA
x-timer
S1700132973.359785,VS0,VE10
sync
am-match.taboola.com/ Frame 0BF4 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
07c83c2db3ceab4994ee03ebf7ef5b7650f486d4a1cafe06f7da291aad4fe799

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Nov 2023 11:09:33 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700132973326&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1573&pt=-124501654&tz=60&viewable=true&ddast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1466
x-cache
MISS
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1700132973.464141,VS0,VE313
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f2b466fb065859af543e504c1a550f98be2dbb8d2226f4edb2a7ee54428d1523

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f2b466fb065859af543e504c1a550f98be2dbb8d2226f4edb2a7ee54428d1523

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
826f484bf8d10e1a-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
fda31a020b1b8b9eecf3c4bd443210fe5da946d9137d03e242f176ec3da21a30

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=2c4219bf-0a64-43c4-813b-e4dc5de0ea0c%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E9%BB%83%E5%AD%90%E4%BD%BC%E4%B8%8B%E6%A8%99%E9%81%AD%E5%8F%96%E6%B6%88%E8%A8%82%E5%96%AE%EF%BC%81%E8%A2%AB%E8%B3%A3%E5%AE%B6%E8%A6%81%E6%B1%82%E9%87%8D%E8%A8%82%E2%80%A6%E4%B8%80%E7%9C%8B%E5%83%B9%E9%8C%A2%E6%BC%B25%E5%80%8D%EF%BC%9A%E7%9C%9F%E7%9A%84%E6%9C%89%E9%BB%9E%E9%81%8E%E7%81%AB&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=d860475c-3ded-4aac-9404-cf219aaced00&l_pb_bid_id=59edb6b6795e9b8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d860475c-3ded-4aac-9404-cf219aaced00&rp_maxbids=1&slots=1&rand=0.368743249236652
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
466801a1c350bd880dcd6606402a714b174dd2e577ee4062542be4cb882cd9e0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.219.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-219-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4fc3fbab3a7b40af82b17037da21244ae739ecd4ec8649297117c90f912cedb0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 16 Nov 2023 11:09:33 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9f28e5725ed7895acff5737741fb4a98501f6189a5ee2adf4cb6cb0e555fb5f8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
100
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 11:09:33 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3d2d5c462862cb6c0eddc68d2e5907800e6ad736a603fe91ac55f6593892fd17
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
an-x-request-uuid
05870058-d50d-4935-a966-073a5e24e240
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
18fd75b6197f86735ed124de5e1ef3a064ffbb52700b9ed4b7e1f5dbfa79e321
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
4025
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
adreq
ads.servenobid.com/ 		592 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3018
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3c8c09124801a8a9cb028d5da8386bf00f1f6daaedea22716beec6db58e62a43

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 16 Nov 2023 11:09:33 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
16
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=54503841121&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 16 Nov 2023 11:09:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876c7037c10e286c95b389b4359e891e2f03d997ae1601fc7f78420e6e29987e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHKiitojJlBTZcxuyf9gjsHSb8l2soB5jgQiSp%2FIxwZc1MzLrSN1jWTqpdkRuez%2BB0q7dXAeqAAJ5iaUvZyobTg%2FHX8mf9pyZHZXJ5JXwLOhZL6VP87kpYP5r06%2BpmyZUtNqLDTF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
826f484be8580229-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876c7037c10e286c95b389b4359e891e2f03d997ae1601fc7f78420e6e29987e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okXpd%2B6hQuuux%2BPHaEBFDEu5bY1dFICem0T8Bye0lklL7ZyKjlmGyZkj6K4UQjEb22MthVvWt4ZHRey%2Fo5AYCV8TAhtFUiLo0Tkr49C9WtK%2FF9I6hbHfQ1PCP7wKMRz%2BrcYyaNcX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
826f484be85d0229-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876c7037c10e286c95b389b4359e891e2f03d997ae1601fc7f78420e6e29987e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSOPYDnLxRqTPywjBnHZW2ssS6yEdm4MmwS88AF%2BFs32FGFL6%2FNvAEp8iZP2BSg29Hdj38cPGUGSjkVqU2u7MsLk4Brqo0XpLVo2AjGVemnU8C6hpJo8GXGPJKQWz3fGqFKDXwsp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
826f484be85e0229-ZRH
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.185.207.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-207-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
css2
fonts.googleapis.com/ Frame 172C 		4 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 09:23:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 11:09:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3CE3 		478 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGL3T2PsBMAE&v=APEucNVe7ho--LeymVHSbAqk9WczmQzMLIQeZPqpPm78UULAeel5cJwHeSSgqcEbu68Ut4kZXHPoqU39CICcoUt7qBF5fyfrsQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 04C1 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
Origin
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 12:29:11 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 04C1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
65615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 16:55:58 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 04C1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 15:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
69122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:57:31 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 04C1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
537923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 04C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
62339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:50:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8961 		1 KB
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
48760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Thu, 16 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 04C1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
48988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 21:33:06 GMT
l
www.google.com/ads/measurement/ Frame 04C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRwGJiNqam32tax8VSdu-xFsvTfNE3KcXCubB7GKaQTp0ix0LRC8uH63uDUeiAZuJHyJ0XjLDw6JQ_6FfhKjBcQqUWLg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 04C1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04C1 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPGLTF5VnUNoH3oFv5hcrtJ5XMVtVFLJRm5dkWjzkIhMvZyNlN9P2nH07XXAgKMF42aNVFa9MgaedePNQbZxixdLMNlGs1XNUSBsvN3wJVDy89vUk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 172C 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:53:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
62186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:53:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AA6E 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
28ff285bbb2eab4fafcb904dea173b2a35808136651c92613326c072da49169c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31364
x-xss-protection
0
server
cafe
etag
971 / 19677 / m202311090101 / config-hash: 12061389886161084213
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:33 GMT
generic
match.adsrvr.org/track/cmf/ Frame 22F1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&cmcv=&pix=undefined&cb=1700132973292&uv=3358&tms=1700132973292&abt=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6ecfd590-fa4c-4ed8-87f4-55b725558a6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 22F1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&cmcv=&pix=undefined&cb=1700132973292&uv=3358&tms=1700132973292&abt=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6ecfd590-fa4c-4ed8-87f4-55b725558a6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20313

Redirect headers

date
Thu, 16 Nov 2023 11:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
content-length
0
sync
x.bidswitch.net/ Frame 22F1 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&cmcv=&pix=undefined&cb=1700132973292&uv=3358&tms=1700132973292&abt=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=6ecfd590-fa4c-4ed8-87f4-55b725558a6a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.51.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-51-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 0BF4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 0BF4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20315

Redirect headers

date
Thu, 16 Nov 2023 11:09:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-_qyKQZlE2oTt.orc83JqVf5_56mCqTS14ojb3w--~A
content-length
0
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=9598&tvi50=11075&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
profile%3Aezone-teaser940x528
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6D... 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39cd2d94116bd462c6fc4bbae33b9f5a084523d19e03d79231a7af0421c274ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
age
1909688
edge-cache-tag
332148772397168287270586239145648000460,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
332148772397168287270586239145648000460,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
264
req-referer
https://www.news.de/
content-length
6178
x-request-id
2387b69825d4d6a9b3149f518e1a4d2f
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200167-IAD, cache-iad-kiad7000057-IAD, cache-lga21931-LGA, cache-iad-kcgs7200111-IAD, cache-fra-eddf8230085-FRA
last-modified
Tue, 24 Oct 2023 13:38:36 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=6761,owidth=940,oheight=529,obytes=98579
x-timer
S1700132974.942677,VS0,VE1
etag
"7d2cd9ee66d887ed4b782d57e006b122"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
2369446f435814c2884566242ca9cebe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4071cc9edb33dac75c471b3635d7e4660041b2534fd61b23177c77e2274a3e9c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
age
1427799
edge-cache-tag
563848386788618383252994488150488470583,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
563848386788618383252994488150488470583,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
462
req-referer
https://manithan.com/
content-length
10264
x-request-id
8d200c1e23e3e61a09dec286f2cb04f6
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100091-IAD, cache-iad-kjyo7100093-IAD, cache-iad-kiad7000143-IAD, cache-fra-eddf8230085-FRA
last-modified
Thu, 07 Sep 2023 18:54:32 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=18208,owidth=615,oheight=460,obytes=91314
x-timer
S1700132974.942675,VS0,VE1
etag
"4c7092fc6c6d64c696a9ed90361b33b9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 17, 1
72b4885f70b55eff9e0ea334d56db5a6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cad345c15d9e6ff758b91b4fb6ac61e2f7f5cd80462219dc77ed5df51a742f88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 16 Nov 2023 11:09:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
age
2944432
edge-cache-tag
584044035095160462806265021726578545844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
584044035095160462806265021726578545844,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
181
expiration
expiry-date="Thu, 19 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://verliebtinkoeln.com/
content-length
5708
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100059-IAD, cache-iad-kcgs7200153-IAD, cache-lax10676-LGB, cache-iad-kiad7000054-IAD, cache-fra-eddf8230085-FRA
last-modified
Mon, 18 Sep 2023 13:36:23 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=8028,owidth=715,oheight=504,obytes=489555
x-timer
S1700132974.957405,VS0,VE1
etag
"8928ef31342aecc4e2a184126738ad31"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BA36 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e806ca5d062ac425b2f5459eb2ae5f00d48bacfb1ba73cd7e1e1d5d686eb807e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52809
x-xss-protection
0
server
cafe
etag
4492193383960392316
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:34 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:14:32 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3302
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
59G4eagOSCZ6V2iim6tOfEEuRbfyH7oJ8Bk9T1OQoaRxFUYmBEyYaQ==
usync.html
eus.rubiconproject.com/ Frame F432 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 11:09:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Thu, 16 Nov 2023 11:09:34 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
01ZE3T7XP57151WV
age
101432
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
k9gB+Y29FuCyJHskv/394eW+LOyrVO+qIGhB9T9SBj9XBZsWz0mtij14fjN8fn2goV1aIx2T/Zg=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700132974.125502,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
121669
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 		604 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031467
date
Thu, 16 Nov 2023 11:09:34 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
01Z2TXEZZ8JF4AVH
age
101432
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031468
x-amz-meta-mode
33188
content-length
123398
x-amz-id-2
NS2Ow4as7ytlYWEYMfJ1Q7B4SNOr19XVQQpMwKelifcyO9+4eIHJ+x74kkTTgqn0EVOjr+aQJUc=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Wed, 15 Nov 2023 06:57:49 GMT
server
AmazonS3-br
x-timer
S1700132974.127520,VS0,VE0
etag
"e8023cd27890386539e680dcc790152c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
102410
usync.js
eus.rubiconproject.com/ Frame 3C81 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 15:20:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15059
Connection
keep-alive
Content-Length
13230
Expires
Thu, 16 Nov 2023 15:20:33 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:34 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
1132
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700132974.171507,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
36
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7190
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 Nov 2023 11:09:34 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
8241
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700132974.171492,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
21
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
11416
L2EvaHVhbmctemktamlhby14aWEtYmlhby16YW8tcXUteGlhby1kaW5nLWRhbi1iZWktbWFpLWppYS15YW8tcWl1LXpob25nLWRpbmcteWkta2FuLWppZS1xaWFuLXpoYW5nLTViZWktemhlbi1kZS15b3UtZGlhbi1ndW8taHVvLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaHVhbmctemktamlhby14aWEtYmlhby16YW8tcXUteGlhby1kaW5nLWRhbi1iZWktbWFpLWppYS15YW8tcWl1LXpob25nLWRpbmcteWkta2FuLWppZS1xaWFuLXpoYW5nLTViZWktemhlbi1kZS15b3UtZGlhbi1ndW8taHVvLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 15 Nov 2024 11:09:34 GMT
date
Thu, 16 Nov 2023 11:08:34 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 16 Nov 2023 11:09:34 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
3712
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700132974.171474,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
41
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2974
pixel
cm.g.doubleclick.net/ Frame 3CE3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGL3T2PsBMAE&v=APEucNVe7ho--LeymVHSbAqk9WczmQzMLIQeZPqpPm78UULAeel5cJwHeSSgqcEbu68Ut4kZXHPoqU39CICcoUt7qBF5fyfrsQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3CE3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1&C=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGL3T2PsBMAE&v=APEucNVe7ho--LeymVHSbAqk9WczmQzMLIQeZPqpPm78UULAeel5cJwHeSSgqcEbu68Ut4kZXHPoqU39CICcoUt7qBF5fyfrsQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyZGLXNLx7sWRM1dKXqEoheCEjnR9AHBLvVcSzXJTOCYP42LFPe%2FGV5FGpSPJpsTwt9MtJknEcJqh5OXQvmqhZVZFVcUFqjdGbeRiZ4L4OnwWlrzAVp6XGaJnxlyVKFy93PVer0bSSj6Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f48539b6a01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btHSd7OQl%2BsKJ%2BDjWc6k6eFnoGB53xRpklFYmhxvSE4NL15eJ0oBjeaqh5K3kvNmT6pkX0xeRN5wtqP5%2FYyC17heyt6uQ3h2h7z5GcukWittYQU%2BmXcyBQnoJeSlfAleXr8RQTq%2BIj8x8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1&C=1
cache-control
no-cache
cf-ray
826f485169c60229-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 3CE3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVX4btzE3ScfCHXUwhjfswAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhDYrrgBGL3T2PsBMAE&v=APEucNVe7ho--LeymVHSbAqk9WczmQzMLIQeZPqpPm78UULAeel5cJwHeSSgqcEbu68Ut4kZXHPoqU39CICcoUt7qBF5fyfrsQ
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4X3xR7RLEK%2FC2oYMfi%2BfgvB8I972IyUe4jTRbvJFv1wP%2FLrBvdSdyv0NTcbSZVcMMKQyzpb3AKj3JhVYNOS18FfOHvIdlV%2FOomWleGScLQtdKZu6PcuPSLyph61BC%2BGC4mG1Lb1%2F1XfOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f4854ad4801df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOzJuiSmImVyeXS_lnvm1Ts&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F432 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 15:20:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15059
Connection
keep-alive
Content-Length
13230
Expires
Thu, 16 Nov 2023 15:20:33 GMT
google
match.adsrvr.org/track/cmf/ Frame 8961 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBCVoKXnFpAw97HELaN7ins&google_cver=1&google_push=AXcoOmQ22GzSlK92nrCgUZouble2vOtgTFBlY-r9ZQjzxhPXnMs9JP8Ok99oJC3arp4x7UXO17TPWtVn_VraWLmOqpst9OBz-hn6lA
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:34 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 8961
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHfjZZcYjZfzmJni8qBENbA&google_cver=1&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHfjZZcYjZfzmJni8qBENbA&google_cver=1&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6RF0f6aQ7Otc&google_hm=Hql9uGZH1CvkZeCYQnORcCxJ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6RF0f6aQ7Otc&google_hm=Hql9uGZH1CvkZeCYQnORcCxJ
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Nov 2023 11:09:35 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbv5O0tImZyaCTsE2GH1O4RQq-jkSCmWPyCqFYNrH8OVbtpxA63XI3fyjzaohAxmGM1RryJ5Xn0aFKULUW6RF0f6aQ7Otc&google_hm=Hql9uGZH1CvkZeCYQnORcCxJ
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
RX-1e642822-578c-4c31-9f7e-c461572976c2-003
sync.targeting.unrulymedia.com/csync/ Frame 8961
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMpl4jm4VrFwFI3ci-E8RDo&google_cver=1&google_push=AXcoOmRBvlW35hdOXs6CxV13RouFEDxGxaLbbZXcJgUHyMLTvna4s3rnK9yMz9XCEr0oD2UojhKIYWIB5jeIDQHY...
  • https://sync.1rx.io/usersync/smaato/572eec4f08?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync/smaato/572eec4f08?zcc=1&cb=1700132975613
  • https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:36 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 8961
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEEHFwmswMsTsA6J5tBvc704&google_cver=1&google_push=AXcoOmSpv4sYS-DGcLcHFSBbgYhK5vnw6Sm786r04Hug0i3CjxVnpthL65roCMwO9_Z8UHDifT0oEBfgWITw2ezQpZ7wtkKl-LRd
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSpv4sYS-DGcLcHFSBbgYhK5vnw6Sm786r04Hug0i3CjxVnpthL65roCMwO9_Z8UHDifT0oEBfgWITw2ezQpZ7wtkKl-LRd&google_hm=M0Z5cERNTTY2NU1XamJC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSpv4sYS-DGcLcHFSBbgYhK5vnw6Sm786r04Hug0i3CjxVnpthL65roCMwO9_Z8UHDifT0oEBfgWITw2ezQpZ7wtkKl-LRd&google_hm=M0Z5cERNTTY2NU1XamJCV1dBSjc=
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSpv4sYS-DGcLcHFSBbgYhK5vnw6Sm786r04Hug0i3CjxVnpthL65roCMwO9_Z8UHDifT0oEBfgWITw2ezQpZ7wtkKl-LRd&google_hm=M0Z5cERNTTY2NU1XamJCV1dBSjc=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8961
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHwoODATnQ4SWC-Y5qPHCpI&google_cver=1&google_push=AXcoOmQrM-fLcXJkMv3-EVX-ZYVyKXuzhlFsfLGKh2fPuU6mxEkFPkqqB_zshnI8PODIzd9Cvgo09...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQrM-fLcXJkMv3-EVX-ZYVyKXuzhlFsfLGKh2fPuU6mxEkFPkqqB_zshnI8PODIzd9Cvgo09PQQjGqycmuutVhrJtitkHb6Gg&google_hm=WlZYNGI4Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQrM-fLcXJkMv3-EVX-ZYVyKXuzhlFsfLGKh2fPuU6mxEkFPkqqB_zshnI8PODIzd9Cvgo09PQQjGqycmuutVhrJtitkHb6Gg&google_hm=WlZYNGI4Q281dVlBQUxMRS44TUFBQUFB
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 16 Nov 2023 11:09:35 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEHwoODATnQ4SWC-Y5qPHCpI&google_cver=1&google_push=AXcoOmQrM-fLcXJkMv3-EVX-ZYVyKXuzhlFsfLGKh2fPuU6mxEkFPkqqB_zshnI8PODIzd9Cvgo09PQQjGqycmuutVhrJtitkHb6Gg","cluster_id":0,"gdpr":false,"ipv4":"178.197.248.23","key":"ZVX4b8Co5uYAALLE.8MAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad40"}
X-SO-Key
ZVX4b8Co5uYAALLE.8MAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad40
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQrM-fLcXJkMv3-EVX-ZYVyKXuzhlFsfLGKh2fPuU6mxEkFPkqqB_zshnI8PODIzd9Cvgo09PQQjGqycmuutVhrJtitkHb6Gg&google_hm=WlZYNGI4Q281dVlBQUxMRS44TUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad40.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
127
Content-Length
0
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-IP
178.197.248.23
spacer.gif
an.yandex.ru/resource/ Frame 8961
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEPDB76gklnqKPz6jGVieNQ0?ext-param=AXcoOmSRj-t4pf5JQYQuO56iJSG3CkcoF54x0V29Ab36ZsR6PtT04KD_H9Ow4jnQqkGJLr_biqHcJ4j2ainazKU2L3JCQCbj70fiEDA&partner-tag=yandex_a...
  • https://an.yandex.ru/mapuid/google/CAESEPDB76gklnqKPz6jGVieNQ0?redir-setuniq=1&ext-param=AXcoOmSRj-t4pf5JQYQuO56iJSG3CkcoF54x0V29Ab36ZsR6PtT04KD_H9Ow4jnQqkGJLr_biqHcJ4j2ainazKU2L3JCQCbj70fiEDA&part...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEPDB76gklnqKPz6jGVieNQ0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 31 Oct 2024 11:09:36 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8961
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOmyU5y0E...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9fda2ccc-c830-446d-93e5-b2b049761564&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9fda2ccc-c830-446d-93e5-b2b049761564&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=9fda2ccc-c830-446d-93e5-b2b049761564&%%GOOGLE_PUSH_PAIR%%
date
Thu, 16 Nov 2023 11:09:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8961 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgEWLqh-FFW5Bv48yuPt3QNt1joQA92bDFW9eT3EwKzgE3zOfNGCsNBtvnJVEFEoj2F8jMeoE
Requested by
Host: e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
URL: https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame AA6E 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
928
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 10:54:06 GMT
prebid-request
onetag-sys.com/ 		15 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 16 Nov 2023 11:09:35 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
index.html
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		225 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
9e42b4f70aaa7375901f0808578bc14ce10189be7383d4cbb6ba3bd5e92d5e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:36 GMT
expires
Fri, 15 Nov 2024 11:09:36 GMT
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 340F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
38852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 00:22:02 GMT
expires
Fri, 15 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 3C81 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame BA36 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
99304fe839d400cf61e4d9ebfa9c1af0bbcf225a45d48ee4c0fd62e9442d6230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138500
x-xss-protection
0
server
cafe
etag
13323596168925957516
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:34 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 4692 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
12567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 07:40:08 GMT
etag
16674218716276178799
expires
Thu, 30 Nov 2023 07:40:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
38d48fc88946e259a899d9e4308175a7421de908e1a17800de365f3ef83fa4bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91827
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 11:09:35 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230133-FRA
date
Thu, 16 Nov 2023 11:09:35 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=9598&tvi50=11075&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
71
date
Thu, 16 Nov 2023 11:09:35 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
68993
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1700132975.394646,VS0,VE71
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odWFuZy16aS1qaWFvLXhpYS1iaWFvLXphby1xdS14aWFvLWRpbmctZGFuLWJlaS1tYWktamlhLXlhby1xaXUtemhvbmctZGluZy15aS1rYW4tamllLXFpYW4temhhbmctNWJlaS16aGVuLWRlLXlvdS1kaWFuLWd1by1odW8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWM1YjU1YWE4LTczNDYtNGM1My04MzQwLWVhYjRhMDUyYmI4YiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiODY4ZjU1ZDctNGM3Mi00M2NhLWI2ZDItOTNiNDVjZDM4OTlkIiwidGltZU9mQXVjdGlvbiI6MTcwMDEzMjk3MjU2MiwiYmlkcyI6W3siY3BtIjowLjAxMzc3OTEyNjQ0OTk5OTk5OCwiYWRJZCI6Ijg5NzUyNGU5NTc1ZjZhMyIsIm9yaWdpbmFsQ3BtIjowLjAxMzc3OTEyNjQ0OTk5OTk5OCwiYmlkZGVyIjoib25ldGFnIiwicmV2ZW51ZSI6MC4wMDAwMTM3NzkxMjY0NDk5OTk5OTgsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjU1NywidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDAxMzI5NzMyMDh9LHsiY3BtIjowLjEsImFkSWQiOiI5MDYxOGM1YTkyZWM4YmUiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjY0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDEzMjk3MzMzNH0seyJjcG0iOjAuMSwiYWRJZCI6IjkxM2M3NDYwNTFiOWIzYiIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2NjUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwMTMyOTczMzM1fSx7ImNwbSI6MC4xLCJhZElkIjoiOTI1YzAyODgwM2Y1Mzg2Iiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY2NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDAxMzI5NzMzMzZ9LHsiY3BtIjowLjEsImFkSWQiOiI5M2VlOWExMzFkZDk5NmMiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjY3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDEzMjk3MzMzN30seyJjcG0iOjAuMTEsImFkSWQiOiI5NDIyZjQ0ZDIwZDkxZTkiLCJvcmlnaW5hbENwbSI6MC4xMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDExLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2NjcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwMTMyOTczMzM3fV0sInRpbWVkT3V0QmlkZGVycyI6WyJhbXgiXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijk0MjJmNDRkMjBkOTFlOSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxMX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=8650.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:35 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
g_pbto
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1700132975282&eid=9756f238b8f26f6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.176.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-176-132.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:35 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
khaos.json
token.rubiconproject.com/ Frame F432 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:09:36 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3C81
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP139Y10-G-4X8A
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP139Y10-G-4X8A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Thu, 16 Nov 2023 11:09:36 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:35 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1336358
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1700132976.782480,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
14937
sync
am-match.taboola.com/ Frame D31B 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5f3bb7d2144b8517557196ef7763e8dc3e394f490a2ef176932ed7411d8e8fb5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Nov 2023 11:09:35 GMT
machineid
3401
server
nginx
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/ 		427 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700123877
date
Thu, 16 Nov 2023 11:09:36 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
TM6A5JR15KMRX4A9
age
9060
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700123890
x-amz-meta-mode
33188
content-length
81612
x-amz-id-2
WWxa5Yx6lYIC1hyCK1wBgSijKv3fJvw5DqBFGdy/3sBBnytkWsmbSBGlIc9sKVFHPXnxfssdpCw=
x-served-by
cache-fra-eddf8230133-FRA
last-modified
Thu, 16 Nov 2023 08:38:11 GMT
server
AmazonS3-br
x-timer
S1700132977.589366,VS0,VE0
etag
"3d881848170c7ab7d2916771d7b9012f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
13478
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&cmcv=&pix=31579697&cb=1700132976559&uv=3358&tms=1700132976559&su=3&abt=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
content-length
0
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2954177320407704&correlator=1310658996931314&eid=31079659%2C31079666%2C31079671%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&arp=1&abxe=1&dt=1700132976607&lmt=1700132976&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=1685989450.1700132971&ga_sid=1700132971&ga_hid=611753072&ga_fc=true&dlt=1700132969807&idt=946&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_3_0%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.11%26hb_ap_adid%3D9422f44d20d91e9%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_2%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_2%26faid%3Dfalse%26adro%3Dv8_e&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
243f903a4419497e746b70ab4c95b562e36c02e273048abb00965524b4a65a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12072
x-xss-protection
0
google-lineitem-id
5221733915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440835875
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1676027801;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-g...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1676027801;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1577893644-1700132974069;pbc=2c4219bf-0a64-43c4-813b-e4dc5de0ea0c;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700132976620;tzo=-60;ogl=;ses=b7a289a1-e453-452b-b384-f4867839e67c;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Nov 2023 11:09:37 GMT
cache-control
no-store
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 16 Nov 2023 11:09:36 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
4584322
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230085-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700132977.722842,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
1196533
pixel
cm.g.doubleclick.net/ Frame 3C81
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxMzlZMTAtRy00WDhB
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELESqAZMqHhjndHKasEjweU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxMzlZMTAtRy00WDhB&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxMzlZMTAtRy00WDhB&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxMzlZMTAtRy00WDhB&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3C81
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wgTyuLMnT8eRb-LRROjpPw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wgTyuLMnT8eRb-LRROjpPw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wgTyuLMnT8eRb-LRROjpPw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
408E9KAD0BHNPNH2G7ZS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wgTyuLMnT8eRb-LRROjpPw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3C81
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWIzMTA1MjVhNjJkZTEwMDliZjE0ZTc5NmEwMWIyZmE2MmM5ZTU1OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWIzMTA1MjVhNjJkZTEwMDliZjE0ZTc5NmEwMWIyZmE2MmM5ZTU1OQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWIzMTA1MjVhNjJkZTEwMDliZjE0ZTc5NmEwMWIyZmE2MmM5ZTU1OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 3C81
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z2PAeBDSTga006kSrO5Z2Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z2PAeBDSTga006kSrO5Z2Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z2PAeBDSTga006kSrO5Z2Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1707W3ZJC8SKFE1J05N3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z2PAeBDSTga006kSrO5Z2Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 3C81
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP139Y10-G-4X8A
0
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 126C4D3369F94BB0AFD20562A3A00753 Ref B: ZRHEDGE1111 Ref C: 2023-11-16T11:09:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKQw4zpB5eRWGxG/mbdQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP139Y10-G-4X8A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 3C81 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 3C81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBl4p-QVEOyJR1DSTpel2ZA&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBl4p-QVEOyJR1DSTpel2ZA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBl4p-QVEOyJR1DSTpel2ZA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3C81
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP139Y10-G-4X8A&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP139Y10-G-4X8A&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EZE5T914SV9RBJZSQC62
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP139Y10-G-4X8A&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3C81
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/--Hv_-WbwvRfm87RLKZnQg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-exibmptE2oIH54XHGhxWJxQK_WI1NeJ1A.k1Tw--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-exibmptE2oIH54XHGhxWJxQK_WI1NeJ1A.k1Tw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 16 Nov 2023 11:09:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-exibmptE2oIH54XHGhxWJxQK_WI1NeJ1A.k1Tw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3C81
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHXxE7Kq_EAABTv7sfYQQ&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHXxE7Kq_EAABTv7sfYQQ&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHXxE7Kq_EAABTv7sfYQQ&expires=30
Date
Thu, 16 Nov 2023 11:09:37 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 3C81
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=443381ad-be1b-4ff1-8521-3fb3045f3de8&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=443381ad-be1b-4ff1-8521-3fb3045f3de8&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=443381ad-be1b-4ff1-8521-3fb3045f3de8&expires=30
Date
Thu, 16 Nov 2023 11:09:37 GMT
Connection
keep-alive
X-CI-RTID
12d06a10-d339-4e8b-92e1-406f248ea1a9
Content-Length
144
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 3C81
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LP139Y10-G-4X8A
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:37 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LP139Y10-G-4X8A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
liveCS.php
live.primis.tech/live/ Frame 3C81
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP139Y10-G-4X8A
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-20.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SdtPF8kOiLRU3d9JZOBKtcZA7tcU8tQVbrQkjUPvaZ1KjGq7su1DQg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP139Y10-G-4X8A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
cksync
hb.yahoo.net/ Frame 3C81
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP139Y10-G-4X8A&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP139Y10-G-4X8A&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS14cVRpQWhwRTJ1SHpodzRXNUR0TEJDWUd4ZlFXQS4wcH5B&ovsid=LP139Y10-G-4X8A&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14cVRpQWhwRTJ1SHpodzRXNUR0TEJDWUd4ZlFXQS4wcH5B&ovsid=LP139Y10-G-4X8A&dpid=58160
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
23.48.23.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 16 Nov 2023 11:09:37 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 16 Nov 2023 11:09:37 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS14cVRpQWhwRTJ1SHpodzRXNUR0TEJDWUd4ZlFXQS4wcH5B&ovsid=LP139Y10-G-4X8A&dpid=58160
date
Thu, 16 Nov 2023 11:09:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 3C81
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP139Y10-G-4X8A
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
an-x-request-uuid
4bd262db-dd83-42a8-b91d-87dcdfb88055
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP139Y10-G-4X8A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
v1
match.sharethrough.com/sync/ Frame 3C81
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP139Y10-G-4X8A
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
52.28.38.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP139Y10-G-4X8A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
gwdpage_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		55 B
140 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 23:06:38 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		731 B
330 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 23:06:38 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		24 B
139 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
567429
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 21:32:27 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		157 B
217 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136374
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 21:16:42 GMT
gwdgesture_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		57 B
168 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdgesture_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
f058ecc947d0bc01e2855afaff0be17a2e30ae1e067ad3a5389b986a62225e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 01:58:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Nov 2024 01:58:39 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		281 B
254 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213774
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Nov 2024 23:46:42 GMT
gwdgallerynavigation_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		1 KB
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdgallerynavigation_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
86ee0e760c043b495df32283b44ba844e416df4ac5189fe6a0d801c781e35125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:15:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536060
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
462
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 06:15:16 GMT
gwdswipegallery_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		830 B
409 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdswipegallery_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
a09b079f1734cc7dd62f8d037c600dffb6ee43176186d8a1480d2ea0c65d0f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 01:01:58 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		26 B
112 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213774
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Nov 2024 23:46:42 GMT
googbase_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		400 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 02:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549897
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 02:24:39 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:46:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213774
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6276
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Nov 2024 23:46:42 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:12:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284207
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Nov 2024 04:12:49 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 22:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3191
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 22:13:02 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 29EA 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 21:40:24 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 10:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521713
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4481
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 10:14:23 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1356
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 17:11:01 GMT
gwdgesture_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdgesture_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
8a7f4d0dace49ce143b43f43372cf0b58d479e4393523bb91ceaae407142e4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572473
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2420
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 20:08:23 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 22:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 22:09:49 GMT
gwdgallerynavigation_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdgallerynavigation_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
6c0fb5e316629a9a2a31e0fb9003d57a5f743c0894e029ba3a6e92a3f1179da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1832
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 17:11:01 GMT
gwdswipegallery_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdswipegallery_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
7f568d8264dadea5781e90e648a3b0ee036c0bd1c6f810fd109883b7984c9577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134839
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6283
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 21:42:17 GMT
gwdid.min.1.0.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdid.min.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1125
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 23:06:38 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
df0ee37b33dc0fd12e59141d6dfe26084afa9f17cc505cfea3c95bf7adec7959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51771
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1525
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 20:46:45 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 12:55:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512055
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1293
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 12:55:21 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		1 KB
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588326
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Nov 2024 15:44:10 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 10:43:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519951
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2823
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 10:43:45 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136374
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Nov 2024 21:16:42 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/2994967784453244426/ Frame 29EA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2994967784453244426/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 12:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513008
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9229
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 09:47:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Nov 2024 12:39:28 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odWFuZy16aS1qaWFvLXhpYS1iaWFvLXphby1xdS14aWFvLWRpbmctZGFuLWJlaS1tYWktamlhLXlhby1xaXUtemhvbmctZGluZy15aS1rYW4tamllLXFpYW4temhhbmctNWJlaS16aGVuLWRlLXlvdS1kaWFuLWd1by1odW8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWM1YjU1YWE4LTczNDYtNGM1My04MzQwLWVhYjRhMDUyYmI4YiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJmMjUwN2U0YS02Zjk5LTRlZDItOTcyYS1mYmQyNDQ1NGQ5MjAiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwMTMyOTcyNzM3LCJiaWRzIjpbeyJjcG0iOjAuMDEyODU4OTg0NDQ5OTk5OTk4LCJhZElkIjoiOTUxMDU2ZmEzM2FkMjQ2Iiwib3JpZ2luYWxDcG0iOjAuMDEyODU4OTg0NDQ5OTk5OTk4LCJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDAxMjg1ODk4NDQ0OTk5OTk5OCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTE3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDEzMjk3Mzg4OX0seyJjcG0iOjAuMDksImFkSWQiOiI5NmM2Y2NkMmYxZTlmMDUiLCJvcmlnaW5hbENwbSI6MC4wOSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDg5OTk5OTk5OTk5OTk5OTksImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY4MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDAxMzI5NzQwNDh9XSwidGltZWRPdXRCaWRkZXJzIjpbImFteCJdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI5NmM2Y2NkMmYxZTlmMDUiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDg5OTk5OTk5OTk5OTk5OTl9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=10215.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:36 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
g_pbto
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1700132976846&eid=98b8f8d5600d106
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.176.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-176-132.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
generic
match.adsrvr.org/track/cmf/ Frame D31B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D31B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/dfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-h0sDRshE2oQ56YHTIu5NZV5P94vMGl0E0E0AAQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-h0sDRshE2oQ56YHTIu5NZV5P94vMGl0E0E0AAQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24153

Redirect headers

date
Thu, 16 Nov 2023 11:09:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-h0sDRshE2oQ56YHTIu5NZV5P94vMGl0E0E0AAQ--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame D31B 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ads
googleads.g.doubleclick.net/pagead/ Frame 3623 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
7599f08b4af8d99f71adc6d59584ad14c0ecedec984ca2307710e0b6110efe13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12611
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 16 Nov 2023 12:09:37 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 4FA7 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
116095
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 11:09:37 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3F2B 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Nov 2023 11:12:43 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=6lZMDNJiet7z4ZIDcymVeqnOyPYJRV4SrQ0R%2Fv9xfyB%2F5Pvs3k%2FwFwo4lzm8qhBfloYwKafMhgCejqWSprYVM25qkMQEje6oF5oaZATf4w0nP9Lb4MhFvyDVJfBqcDQr%2Fv8vjvRGlaNNKQNH23CeqIP7%2B3%2F3uIsTysMC8kHC3wilJ5rvnQ0%2FWX4ZCyVmOrVDDXhzcZe8kvcaLVqZGjhtRRvXEe3CUKh1kOi%2BcbDrB8nmH96sCL%2BSDKQ0BNLR%2B9RVtj2vuOLIbLezNKverouN7Q%2BDr1yJIuwgHCe86bgxQYbvxx7tqaOSehn013NRgQIqxOYTLQWbN%2BNHTnjLFS16T1UCs2nm9jGHisfXk634pNEpA1MEQGvhZ8ODHDgMScbl%2Bo47sYP41WagFNy%2Fs4p6RQpTdnZyGnQG67ygMtANKiGhwX7BGP27Ze69%2BxlKsOo06UPpidAZ9aq4yZz2u2f4RrtkcGOpCUM3zlKAK14GYvV4V3zxUIMcF6UQJMymszBb5%2BpKr8FKtwJ1rCsdT43YzaJW2Fd1cnBGIHWd8V2ES%2Fx3F7m7M4xgbMVaNpV4sXzPt6w%2F%2FYHOYJkNpIuqAggs4w%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2954177320407704&correlator=778160672284691&eid=31079659%2C31079666%2C31079671%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&arp=1&abxe=1&dt=1700132977124&lmt=1700132977&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1685989450.1700132971&ga_sid=1700132971&ga_hid=611753072&ga_fc=true&dlt=1700132969807&idt=946&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_3_0%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.09%26hb_ap_adid%3D96c6ccd2f1e9f05%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_2%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_2%26faid%3Dfalse%26adro%3Dv8_e&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6a127535540d42eae82ee476f77f64e3cf99980bb3f9bc18c296cc8593734556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12362
x-xss-protection
0
google-lineitem-id
5221734848
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441548914
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 340F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
4337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 09:57:20 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame AA6E 		492 B
350 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2881380289823243&correlator=1409687504760005&eid=31079631%2C31079665%2C31079669%2C31079671%2C31079674%2C44807409&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700132977160&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=malq0qj2jo78&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPH-x2n0a2gGNOGlI9HCfKqZoIfdhBRXF2bvoam1rXQw6l3a4vKRPdRt7G4eK0IqLh1sOgi_5TDNhUb_r4VTVIv4zZlBlWJ_zGgeBDp1e_7pVPl64mgi2UKLik4f1oUaBbPU98n-o_gd1phh7KCUs_I8uWm97xJx3q1su6GqPESLFa9TzjcvwIZsy7f9debJWreX7TjTtRzZDlnpYX1hWyh0pGESHjFth1IWZL0dOihXiRbvjMy8XAf&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1322223181.1700132977&ga_sid=1700132977&ga_hid=1289341379&ga_fc=false&dlt=1700132973598&idt=3038&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3c779dc3b98ab34f2dfde9caa9b2ddd17ba1a1c5b9c9d28d677965b9a54a2362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AA6E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f26606d504135cdfe78224755a10d0e4e5420014779e717d035b50341e66f76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12354
x-xss-protection
0
container.html
b6b8a151ac2a3038939ef9cb3e6a97ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 314A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b6b8a151ac2a3038939ef9cb3e6a97ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:37 GMT
expires
Fri, 15 Nov 2024 11:09:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/ 		960 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 16 Nov 2023 11:09:37 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700132969829&gcd=11l1l1l1l1&dma=0&cid=1685989450.1700132971&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700132977&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=%E9%BB%83%E5%AD%90%E4%BD%BC%E4%B8%8B%E6%A8%99%E9%81%AD%E5%8F%96%E6%B6%88%E8%A8%82%E5%96%AE%EF%BC%81%E8%A2%AB%E8%B3%A3%E5%AE%B6%E8%A6%81%E6%B1%82%E9%87%8D%E8%A8%82%E2%80%A6%E4%B8%80%E7%9C%8B%E5%83%B9%E9%8C%A2%E6%BC%B25%E5%80%8D%EF%BC%9A%E7%9C%9F%E7%9A%84%E6%9C%89%E9%BB%9E%E9%81%8E%E7%81%AB%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=10755
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700132977522&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1573&pt=1637683408&tz=60&viewable=true&ddast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2adee87fcb8a2f7509abdc4b195a1c0b73d8967ed7b507a05337f6badb5133d6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1458
x-cache
MISS
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1700132978.599518,VS0,VE33
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AE17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuA4pTC5p6n4nmBB9MYPZi7_Q5YzfesLCe2Ywl2k2dfvK3q5EKveYG-ktfOEgXOJR7UY3LD0wJao3nejzgcAEf4dlv3cHe3kwOxTEWr12TEnOXoT_q_zQQDmHnVauWA4TVsqT9PuR0nXD3YauVDo7Y6lWRR9e7TQnIfUUq593dZbg9B-tTjOMEj3EC8sOJ4kuFdoKrgwBFAlgoRLHL8KjPnYoWtL2RruPutrqJkVROqCoSQJe53wLjyJKFMQnl_QXaJpuv3yTz7Umm7D9NEVHOqcWVdiY8EFzdNNU99j3K5pk3m3Wox17W8JUx4whD3rMastQ81HAEQsdiNOKSQhPQjpYM26wLU&sai=AMfl-YQYkDvnaH2r3YUbrVzWAKdR8uHQ0ecLX-BRAPsf1RL1dDoNtxEKIrBqY36o3wEa8XDrfpCEmrwovu9a3SGW0bONvjcrbOO5uQgFhQwsDOhFbe0wLKf9vnkKgSBpYvY&sig=Cg0ArKJSzNvkxr9iQSiBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.156.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-156-160.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb
a.teads.tv/hb/ad/ Frame AE17 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f753787fb0442f9c45d641ee39306397a412a16447961a4137918b85e264d112

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2547
expires
Thu, 16 Nov 2023 11:09:37 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.156.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-156-160.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe
a.teads.tv/hb/ad/ Frame 3EBE 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f8b3eb92715fed34676ceecb8604536538241f7b633e7d00034e7c9dde9c8c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2561
expires
Thu, 16 Nov 2023 11:09:37 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.156.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-156-160.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AE17 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:37 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odWFuZy16aS1qaWFvLXhpYS1iaWFvLXphby1xdS14aWFvLWRpbmctZGFuLWJlaS1tYWktamlhLXlhby1xaXUtemhvbmctZGluZy15aS1rYW4tamllLXFpYW4temhhbmctNWJlaS16aGVuLWRlLXlvdS1kaWFuLWd1by1odW8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWM1YjU1YWE4LTczNDYtNGM1My04MzQwLWVhYjRhMDUyYmI4YiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxMSwicmVzcG9uc2VUaW1lIjo2NjcsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAxMSwid2lubmVyQWRVbml0SWQiOiI5NDIyZjQ0ZDIwZDkxZTkiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiI3Mjh4OTAiLCJwcmViaWRBdWN0aW9uSWQiOiI4NjhmNTVkNy00YzcyLTQzY2EtYjZkMi05M2I0NWNkMzg5OWQiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=10934.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odWFuZy16aS1qaWFvLXhpYS1iaWFvLXphby1xdS14aWFvLWRpbmctZGFuLWJlaS1tYWktamlhLXlhby1xaXUtemhvbmctZGluZy15aS1rYW4tamllLXFpYW4temhhbmctNWJlaS16aGVuLWRlLXlvdS1kaWFuLWd1by1odW8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWM1YjU1YWE4LTczNDYtNGM1My04MzQwLWVhYjRhMDUyYmI4YiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJyZXNwb25zZVRpbWUiOjY2NCwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoidGVhZHMiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDEsIndpbm5lckFkVW5pdElkIjoiOTA2MThjNWE5MmVjOGJlIiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiNzI4eDkwIiwicHJlYmlkQXVjdGlvbklkIjoiODY4ZjU1ZDctNGM3Mi00M2NhLWI2ZDItOTNiNDVjZDM4OTlkIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=10956.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:09:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3623 		42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLr-uPFq0rk4_9-DODCNwwL54hg7AIpeuNCeiESO5Eeb6g0Bb7pROaQ3RkTkjF8kfy2FCFbmpFJQSp8CL9JNz1KcJ1I_9RaabisVGUmM4ysFWBY-o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3623 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5713786660072100304&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3623 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3623 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
62343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:50:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3623 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
48991
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 21:33:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3623 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AA6E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 11:09:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D497 		611 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX40iiXE3SCuivYyCcrpHw6S1B9z7U2b5uX792MZpLwRD1rkdT6-Yjd9X8dyjTpqCWxO2syRbxxQMxU9UrabKQo0VsmiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9326 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFQQZ97nfIOm3J3Dv1RhXKxVqwpbq-UWncR2osS9HvjwV2M4Xo50hrGudunfFYVw2nfsTB7WR5EdPcvmoVI0oPgIaXAv5xS-rNEAmU2el_qRR2v3GNdgmxQdhZoDeHGGn-rISyWnnvqqcF0zkPco9zXYe89jj9phY2lQzPKeOcSeLT19Fk2_oQtq97jdtmFeiYMz_azdkAS2jWvrZqUajMme3HNy9XLbf1llV7xl1jYmIh-aU1Wp0VXVH7MgsPECJ24va4xDA8qYKXU9FA7NUZkfEsI2sY4JMpqpZcrrF6Q_yFvAAuCuOw7LydYhDr6OsKpHy91kq6zpOA4yEbFswgi_fGOi_Y&sai=AMfl-YS0kJv32kGShwyc1-tkpG_ESIxMin7nYu27GnWtl3uh42tR-GDq-wVtUOQlTcu7sqPo5pI8Js4H7iG-GzRRURJBaO1ZPOsHMnVPzJiT5ZYk-hf3v6LndtROLSzWaAM&sig=Cg0ArKJSzHtxSmAkJ5VREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.156.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-156-160.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
/
track.adform.net/adfscript/ Frame 9326 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=66923274;rtbwp=BCEE3F9130A56961;rtbdata=hAxtzyjYKd_C6hKhR1NLv-E0nr5e6MRHl6NisnqPJ5KebmIOlerPH7ZHmuUYXv7bf-pnVStFmnN0Zxk_viZ5aLOPs15HlbU0fir2436mV1bPZuuJDArjiM9NmQqbe6gZyqLfjJG1F8LbhvCEIMVFhZlkfych4hZI9VbzYw3tmzrSyapRn6d62CK-FrR29mhIoxzemDu0Q3fJ4n9O5t0IdCl9OhsYcUR17FO1hAlZdsvA41ylanR56WScaBh6rtCDv5FTk8G4x54sbOKfgecpXeEYjG_N21jOnGUIBPPUN2mPOFniYvy3OroeDehiJxP16R7UzS-NJGniH-f8xpRkzahY_zJp1rn7GO2DzdV9Q5NU-rh9SZR-zGjaWJPaE6InEiIfYSqsStTAvO8molaN6d96MaC3lux9nkibjpk2krfkhszg31y2U9XGBrJrSoRDf5Q_yH46D8DXVeRygR7ZPeyk21BazGM4iqYzEXZ90qPDeIjrSAcYFw2;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/6cfb3b4a-7c6a-4764-84a7-00f6fdf9e5d8/
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
144576d3f889133adc55e4730a2f0528206d62e7a5e9c17f4ae564886ce9cd38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1158
expires
-1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9326 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 11:09:38 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9odWFuZy16aS1qaWFvLXhpYS1iaWFvLXphby1xdS14aWFvLWRpbmctZGFuLWJlaS1tYWktamlhLXlhby1xaXUtemhvbmctZGluZy15aS1rYW4tamllLXFpYW4temhhbmctNWJlaS16aGVuLWRlLXlvdS1kaWFuLWd1by1odW8uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWM1YjU1YWE4LTczNDYtNGM1My04MzQwLWVhYjRhMDUyYmI4YiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA4OTk5OTk5OTk5OTk5OTk5LCJyZXNwb25zZVRpbWUiOjY4MSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoicnViaWNvbiIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDg5OTk5OTk5OTk5OTk5OTksIndpbm5lckFkVW5pdElkIjoiOTZjNmNjZDJmMWU5ZjA1IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOls1LDNdLCJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiI3Mjh4OTAiLCJwcmViaWRBdWN0aW9uSWQiOiJmMjUwN2U0YS02Zjk5LTRlZDItOTcyYS1mYmQyNDQ1NGQ5MjAiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=11685.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
/
track.adform.net/rtb/billing/ Frame 9326 		35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=66923274&rtbwp=BCEE3F9130A56961&rtbdata=hAxtzyjYKd_C6hKhR1NLv-E0nr5e6MRHl6NisnqPJ5KebmIOlerPH7ZHmuUYXv7bf-pnVStFmnN0Zxk_viZ5aLOPs15HlbU0fir2436mV1bPZuuJDArjiM9NmQqbe6gZyqLfjJG1F8LbhvCEIMVFhZlkfych4hZI9VbzYw3tmzrSyapRn6d62CK-FrR29mhIoxzemDu0Q3fJ4n9O5t0IdCl9OhsYcUR17FO1hAlZdsvA41ylanR56WScaBh6rtCDv5FTk8G4x54sbOKfgecpXeEYjG_N21jOnGUIBPPUN2mPOFniYvy3OroeDehiJxP16R7UzS-NJGniH-f8xpRkzahY_zJp1rn7GO2DzdV9Q5NU-rh9SZR-zGjaWJPaE6InEiIfYSqsStTAvO8molaN6d96MaC3lux9nkibjpk2krfkhszg31y2U9XGBrJrSoRDf5Q_yH46D8DXVeRygR7ZPeyk21BazGM4iqYzEXZ90qPDeIjrSAcYFw2&winparams=-RusDNRRK4txURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmXEDQ0DWF9WL0bDtFsQztHPV6eYhim5Red353ju5HzbuZp89vo7QYWduG8IQgxUWFmWR_JyHiFkj1VvNjDe2bOtLJqlGfp3rYIr4WtHb2aEijHN6YO7RDd8nif07m3Qh0KX06GxhxRHXsU7WECVl2y8DjXKVqdHnpZJxoGHqu0IO_kVOTwbjHnixs4p-B5yld4RiMb83bWM6cZQgE89Q3aY84WeJi_Lc6uh4N6GInE_XpHtTNL40kaeIf5_zGlGTNtomMlY76ahI1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
6cfb3b4a-7c6a-4764-84a7-00f6fdf9e5d8
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9326 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/6cfb3b4a-7c6a-4764-84a7-00f6fdf9e5d8?oo=0&accountId=20616&siteId=395958&zoneId=2209398&sizeId=2&e=6A1E40E384DA563BB4C51846406C540544D8B62EA5183A9A28786EF9A2BA73DA95A9D1EA6C2757ADD84F92650BF447F4683D50851BF2EEDF8DD261D81E2B743C047AF3EDF6C995CF01BCD94F5EF80214641BEF83CA9F06FD0EA297BEA25D8B6FAFC9BE5E72258559EB529D0FD8A712466C40B8E70B71B31BB49E099E356383515122A0C8F3F98D767E625848872D964AE88D14A8E282D0F9659CA2ACEB11BC9C600321EA49D8C05E49046246CFF1F1F60F81BD3198B428E39D157D4F7F3E0C4E9DA5FA8A755BAEB9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.37 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 20:23:04 GMT
x-content-type-options
nosniff
age
312395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Nov 2024 20:23:04 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:52:20 GMT
x-content-type-options
nosniff
age
195439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 04:52:20 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Thu, 16 Nov 2023 11:09:38 GMT
setuid
ib.adnxs.com/ Frame D497
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKIVUNGGJAOne0m3cGey8NY&google_cver=1
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKIVUNGGJAOne0m3cGey8NY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX40iiXE3SCuivYyCcrpHw6S1B9z7U2b5uX792MZpLwRD1rkdT6-Yjd9X8dyjTpqCWxO2syRbxxQMxU9UrabKQo0VsmiQ
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:39 GMT
an-x-request-uuid
7a5b593b-bcc3-4048-b72a-0b8465fec601
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKIVUNGGJAOne0m3cGey8NY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D497
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwODQ1MjE1OTMzMTMxNDAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwODQ1MjE1OTMzMTMxNDAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX40iiXE3SCuivYyCcrpHw6S1B9z7U2b5uX792MZpLwRD1rkdT6-Yjd9X8dyjTpqCWxO2syRbxxQMxU9UrabKQo0VsmiQ
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
an-x-request-uuid
4e5db0db-9291-4b7e-a780-985031bb5a38
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAwODQ1MjE1OTMzMTMxNDAz
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D497
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX40iiXE3SCuivYyCcrpHw6S1B9z7U2b5uX792MZpLwRD1rkdT6-Yjd9X8dyjTpqCWxO2syRbxxQMxU9UrabKQo0VsmiQ
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
date
Thu, 16 Nov 2023 11:09:39 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame D497
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRkMDBkNjMtMmU1NS0yZmFiLWUxY2MtOWJmNDkzZWY5OWVk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRkMDBkNjMtMmU1NS0yZmFiLWUxY2MtOWJmNDkzZWY5OWVk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNX40iiXE3SCuivYyCcrpHw6S1B9z7U2b5uX792MZpLwRD1rkdT6-Yjd9X8dyjTpqCWxO2syRbxxQMxU9UrabKQo0VsmiQ
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Nov 2023 11:09:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTRkMDBkNjMtMmU1NS0yZmFiLWUxY2MtOWJmNDkzZWY5OWVk
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 16 Nov 2023 11:09:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
230192
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
217930
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
db4ea43b983441b1815a54eb8600018aeba63f1fbd579ed6aa5745c0069eeb9d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 16 Dec 2023 11:09:38 GMT
sync
eb2.3lift.com/ Frame 74A0 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:39 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame DB2F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
9125
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 16 Nov 2023 11:09:39 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
453, 67900
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220035-FRA
X-Timer
S1700132979.302735,VS0,VE0
isyn
prebid.a-mo.net/ Frame 50B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 16 Nov 2023 11:09:46 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
ixmatch.html
js-sec.indexww.com/um/ Frame 67EF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1148
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
826f48709f3c24c0-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:39 GMT
expires
Thu, 16 Nov 2023 15:09:39 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E24B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 11:09:38 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame F3EB 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef6ca8dad8a63869fec190ce7949b92b367981f281677daf118b588e2313fb93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8530
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:39 GMT
expires
Sat, 18 Nov 2023 11:09:39 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
csync.smilewanted.com/ Frame 2E51 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f486dba410e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:38 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0213 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700132973214
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
8cfe14e7074a46d8408f88dc93aab82bdb40b40a9409d81a72041d4c3529012c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1208
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 7367 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22844
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 16 Nov 2023 04:48:56 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-id
EqaEWMNQnEDFcKo8Q9OZk5pmANHosqlDRZ3B03DpCJT8kuD-M-3kVg==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pd
adpushup-d.openx.net/w/1.0/ Frame D89E
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6a04994b6b871bef6278fe594026f7f5b75baadedff3526b6d00240486d991a2

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
410
content-type
text/html
date
Thu, 16 Nov 2023 11:09:39 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 16 Nov 2023 11:09:39 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
native.js
a.teads.tv/media/flavors/ Frame AE17 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/flavors/native.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
178016cb77a837b388ae8023f396047c8105054f9bde9462731318b47a5392d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 10:10:13 GMT
x-amz-request-id
FH3XKQK4595D3PTY
etag
"96eebebab31b09f81c49dacb559ce02a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
7
accept-ranges
bytes
content-length
24641
x-amz-id-2
KHd7ZnTXUfrac/gQjCIdNiI3/vrxueoF7a6N3G6YEgHtiAuY6F3N2veo5xh9RnpTpNuA2vVa5HY=
expires
Thu, 16 Nov 2023 11:39:38 GMT
native.js
a.teads.tv/media/flavors/ Frame 3EBE 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/flavors/native.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
178016cb77a837b388ae8023f396047c8105054f9bde9462731318b47a5392d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 10:10:13 GMT
x-amz-request-id
FH3XKQK4595D3PTY
etag
"96eebebab31b09f81c49dacb559ce02a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
7
accept-ranges
bytes
content-length
24641
x-amz-id-2
KHd7ZnTXUfrac/gQjCIdNiI3/vrxueoF7a6N3G6YEgHtiAuY6F3N2veo5xh9RnpTpNuA2vVa5HY=
expires
Thu, 16 Nov 2023 11:39:38 GMT
480_650.mp4
cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/ 		720 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 16 Nov 2023 11:09:39 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
ox7brPCjZwTpltdpq3%2BZAqt%2BvRZiY%2FtapBx9mzdVTy8UE4WIk%2BAZ%2BM6%2FQHauPlwSdIyGwlUOOYIsOUc3xPkjQUI37%2B8DpVM%2F%2FzrUEGo28DoTr2Ry%2FkmPNB1H0LcFPkKI%2BABVwLFnPvAJ8V4mcCeCZ3YT0cENr0xbYD6K3e%2FfqO%2F...
ad.vidverto.io/delivery/video/pod/ Frame 4FA7 		53 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/ox7brPCjZwTpltdpq3%2BZAqt%2BvRZiY%2FtapBx9mzdVTy8UE4WIk%2BAZ%2BM6%2FQHauPlwSdIyGwlUOOYIsOUc3xPkjQUI37%2B8DpVM%2F%2FzrUEGo28DoTr2Ry%2FkmPNB1H0LcFPkKI%2BABVwLFnPvAJ8V4mcCeCZ3YT0cENr0xbYD6K3e%2FfqO%2FVfGn2BfSMrw7RFfSwJzmeJzryWjgkycEZMtDHnS%2FicFsK1%2FBCFksJTyzZUaQLjkt4FgxxnniK9iePXTR%2Bt%2BPqfLISE3sn%2Bm%2FVVUQ%2BiJxiPDI9FnQfcJUsigiRRd3FBlwUMflUsDU7m54zdrA9Xe%2FvbH1mwBzNNNv3WqzA7CKSB3pPIp7KoRufZ8812DJDh30zDSeghLItEh97FJk3CdVvmBLTLWC2%2BxUZ%2BgIV0IqqV0y%2BDn8HoJ%2BQD9ECOtQ3nESp%2BiFq2ziP%2BJ4SLBpX1UJicn%2Fc%2Bv7O7sQPyi9Vy3G3jIUv%2BrfnS7Docp7aBnBGvCoi0zHGEZo%2Bvql2sjCPx8hLgZijJ5Qgwi3%2FOYAmjXWH3mP7dJ%2FRdFGxNOz2Jf6UjBrLi1pj1qxa6%2FK4PAA78v%2BB%2FqLKoijwK2We8xiXyE3MqXLNQiHgRqr7RAWn5RYrPeUj96WPkDLSgY7uiirAmjW8TgVAXJisZc1YCBOtxvTfW9SnMjzS3FfSZSfvNSKjWphVmx0mAdsszcHCo4JsPplAsC0V8wYYQSypB15uPYW48iCXjEHjOIO%2BCKj0u0YHbduHMmAAyQKhk4PqnabHL1xRmcUaaK24gqU1DhYf7WP2z20irn4xqa8c%2B4Biig7UeCMOqPyDSO56VafG4PA7i%2BMwmfbZH4EJNyMNRQlN3GW1fA%3D%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9a864fae4acda991c0772fc5bc87bcf10f61bd3903a45283ea0a51287b5813fd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Thu, 16 Nov 2023 11:09:38 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
480_650.mp4
cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/ 		152 KB
152 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16744448-

Response headers

Date
Thu, 16 Nov 2023 11:09:39 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16744448-16900083/16900084
Connection
keep-alive
Content-Length
155636
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3623 		0
67 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7797412441361&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3623 		0
67 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7797412441361&version=m202309260101&ct=77&x=1&cor=5713786660072100000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3623 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amxi7vKwIkzyVSKCdt1zp8Yf0edK8nzS6DwP1MrmnVoxb6NeGTnOzBYudk5ia9cmrUTHTpna95XZsKNjn21uSAQ7b0R-DEWftCVHrSl0O4GSLbVyA4yWuVsDAxTUF442Z8L8vyWbjNzgK32UrjMVKr9Dw1uWP7vLTL-eQFzYyt9GSXKFY&cry=1&dbm_d=AKAmf-AwImAqUL3w-u-xuLF2HMWxzeDzI4jcYyiYrCyjZo8-tOYIzWy5CEu-rV7bOGkOycJ8VdnBE3YRmzTmB2_xT5-SxE7cJyyBwxfiowKDcYhyUOA_DLc8o6EPA3ECxxq-WPXEQ3TWVWLxhDT3A5wN8Q39IthLso-qMb67oN1JL8AcPhgMAcIuyPvUL06DkEv40s7hyIfTKc-6P-DReb5MkuIEE6Etx2BbKbSZCWGQOuwTo4SlghhUwopPn0DlQDvPN6HPmlaAiI9AngHAcNmLj_bJXDvsdDUxse0C5Asj6SZzEM-IhVR3GB98Xsf9y9UggV2gBm2MMGwTAHDO11O5VgirNj0ED1hRmWtYEllralP9SULoif43dFhZZA106Fo4qNzuoTxq8eiL-AX7o6wcqxoHGSfjHDjScYAz5jRLt5UD-ZXKuQOs_3CdJwnyOVbpfgxyAHJ-I57PbMkdfGXB0yE5JtMgKpGQmnhnXwJnNXRqsiqg2-byWlPm-LxlkthRvSg8sb06HjiTQMElu0ycqtxd7RSf7jy1h9z9Hll26dgjjDKEB7H7bkS5RiEyo-IH2XahQDrvpticcj_pkxW7PiJVA9twGlt7c4UNGF3WN6MKK1TFHe_UXDBMG-_OQg_zS8dCvAVLdWeSd9WEfg4WIp8CTmUvOBDFshxvWXgtRymCEVrNVgx44bLsVszj-QQxEd1naJ41HbkYd6vFjRsldqm4AO9vDqlQIGZ-jZDMeJS6nury7QiysC3L6r8DfCEbWaZsxe6MkFMZwzrd9MndvjsKBJe2prxKukfVDAwoWDb50mdyEBdzJaeaQEv7KfnRuJFEk7VPnR5VplFM7ieQ9jpj5g3qN9S9TipMnrxJZD5QvemOwsTtYAd4svW-GmDPUD9-UpK-PjtlJDD3lqjqEBCblE0MQjfD9dzvz8dUCeQCBGC9G33zleFVzkSw3MBKaGwUekg-sTAzI_KrieLXFGzvolPKCKzInFn-0zUD6LvWrK5uzWyFtn2rPEE-KBvWKlR6sFsvc4fLz2VeF4Nr53CggfJHArQdp5c1UD2B7-rt7brUu-M_5eNkhp2NzhzQhwZFkdWrPUPP-Z5NBC6kgcELaj-b6t0L9b5BVb4jlQ7udqJv9p5rfIMHjFmDNtmNjcEPWJCgzbheCXxn68j3J1HCyW6SjASFP7YhAUvVqka3HWIgTFyyUqT5_-ScM6SbwYWUsFeG7PS1JTvyWxJufRm3o8H4vyEqVHcZGWzXa9AmQb-wMq2OymMxHHS3bqFI1MFGhRrJJiZAIaVsMvQpWzizhPeMvOiOSq_faOJ_057hNmK0lLOTiM5FBk_PiV1byoW8ivzmloP2Qzcfw8EHw9O1twVFAHzAgBk3k6LAbSwulVGpA4wBUvEgy4J1Ookmb8bf6YnmeTQWbz8Chnn67wk0YW0XeV19HaAlw0h9Fw9GOXjedotn_TZi2hvbJkVjtdw-mWEpWQgx28PCpMC_IbnhjULJdGt1EYgN_EX44ZQPfDb7lOQHLwjGf8OZln6eX1hH3_V-DUqARSI6D9dhN91SQQPg9uORa2bW6u-XzicUri6h9I2I-K89L3ovogtvQMKhJuyfBoB_1Yi2SpdXQW0rf6ZOaZAQC8WxaholhdXT9qRWiRhIXORlBvmREwd1GIX_-JyS1d3_hHRFbK9lY1VvhKLr2Uu6krJgy6I6kjdLcSO9PvnqqZdGTezd2lPVEOacUQTiOW2ospn_Msy81_dE97BQhlaSS_u9z11fWB1og3dZX1P0UOQGJHi6wU_nLQ7beK1ttz37Gc8vzIZlDM4WkOhsZ7WKhS5tzgR4y8S4_E8hvTGhSeOI5NGlL_XvI7xUZvqMGCWHUjcgmd_0G0DY1hOxYzKFkJQw15LDU_iXg9at1OqAMM5ZCJdQEcTf1Vy8iBIjbpZ5sdfLceE6LqvExD1izYqS8Zm6fqx_84hqaK1fM3bfjri9zSIwvVLw2Dn7FkxRCLziTZC6YuIkdtsreG8QFjjhxHTyKy8IA8RC-vyFEND7Tn9u57sNhmYrIpqJYTHFNMdB4yUL2fKYekR7aJ77Sdsuwn4i_Ecp324I4cf7Q0g6VYe6PnpxQqKsPxtIc5WmvrKpu7aefYrkcyFTRpxrJ7OaR5yBNjMlHiz9wQO3P9HdSDjE0Ur2_IdhlEtEH9jDQ9cQendZoZkzFtJ_YT6xGmop-2X3GuWab3nbVP8WmietkYy7UlnPzVwl2RDNp8aCJBz_FJ-hAGAkRHY3rNhsBe9BX9k7ep0pGQNeI55ktICYFkua1l1cLqCRXMlxTrBcvQ22t_BCOz9K73UvHROsPFz5111Mop9q_llwn9md671VwOtwTrpPQyNk7QCcjtiLxrpIxF53tZ6GORj9AwQdqxiCHfNgCIPdC2rmTOIAhVndG2HmXRcmlgXvKFM9bAsqp5K_l-Do4VSo9RxUu--3bAb3NRUMEcktHYBPShgs4E3CK3YtnszqpgCaqqhLUVmxkIRrBEKukfJDXpRIH1zpEcp0o9txY1P68QGYWl44qNDKSq-Ad1v6B6TBVtu4IM5qZx6LSt-m977fwPBOpiGLTGVpiFd2tNLtUYhZ5d0oPDgqdKKZyGguYU-4-yjgBmjP0kO-d8B_w8hl1B8D3sreUcrX20Lg9zEmf2P50BItuhYHd7dy8Rmx5oJdNm1APgn-zZhlG2aRFfWhzVsHowOcAyIVxB5Uv02YIDPaCmibUueDIQLUpNlmI0HmvsLubrQs8eDaVzO-H_hsbdaf-g_WqHc-fv0dXrvWeioOzoxWGpqsFk-Fd-HVS_Gem_q65aZOmzj_pO3IGP4hRtapZFzov2wFJRoUocWYDj2Psv2WGuvFNwkoP2UrNP-4y9_I_Mk-6HOvNfokR06OktTPkZ4f82XUjb1hJaGpMVuDr_tCfYRslgl5c9IVY11bGsGbN6w2wzpD2CUo3T-5Uq13kp-NkMrtlqYqEWFwNFiWhHnJ4sRhMRjZPV5h5sYYE0p9swH6PDfvIkpyrc0uNw4qk0b3ZfaNEMUeqVpys-yGnC9I4aO0EIu1Q4glZ9SUhrn4Ub_Br95j4zsfX0qS-KxR77Q_IQZ2iQaglbBt0i52oCay3FswwBpZesfBWCQC9fJRs52ux-veWuSABWujVpLBqrghvnCoeyomc5iDUBxsNyfqcT4RN5tVbxIF7zAZVMAjEJCjmdOl9Wa5Rn_9JrloxusOQykw1ofzJfv9bdrvoRs2l1ubzedeYclnskc2ecgj4-9K2k2E-jq2RuRbl1yt6NYq2hoxmOs6HeHp68qcSa5GTkV-SDgMQfC_EoAYamAJtSU3dlaG4wo17ymWB2-ABNGgHQJ8Tf__SQZ_XhUJxuJZU8euBzAYQJISeD5MrKKIgiAY19GLrt_VCezBnkBteUcyg0XXd1NygK3tMRV7KHJt02ZLR0LIMim0qxpHaDq8sdQTmzyya00Y5du76JTkk6XNjbiS6TrFKNEG3tHZs-wCzp2dhiUHh1sDVNDMCGbGc2iSYcSbUwZfLZKLOEXt62wQ1aMnTPOt81dwrxlUnw30KFf4-1uF1wMC4DQLoSIGFpfwzWHcPw1gkqweAl92tkqtY892OsRP1h-sD1NhqxmIdMJD4amWgMtlESqU-jX2yBeIWQyjPCeNhA0kqP5S10IojJTm6S0UjGWlY_MtIYh-W-v7maTArm2VT8z9plIIQB-yMShEsDtTZ-GP8ylosWjaKJizXCF2dZrQ5Z9tM-4QY-Fqq-fbqXeH6ezcM87sOLOiywEehF76o7DyZyuqXuD2MmXd5yuax2KZ7JDRQqpzHByoLUjMup9FNZLGF8I3tEA2SzTZHglap7o9l_9BKEbY0wQcmUn_IydX-_dKy9XRJeFmpLwbeFazJ5R8uwIkbqIe62F9T4OQvOeBlX9N4dSnMQotZTugXajl76ItSOVVPphu8MrmMLYEunTCOb-g8Q1FdT3rFzonnr--ZDK60wguAA&cid=CAQSPADICaaNen2ulRd4LXLlSvD7FssKAhQxgICobLolEYhcW4D1lkvUNkW2E-sN0xkhdWexZ3rqieBpiUX17hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=5713786660072100000&adk=676413724&idt=180&cac=0&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
92fbdc7996a6d9d64e1b84878ae3f5aa22fd38de3614c6d9c42f3a7047b464cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13999
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame AE17 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfb08c1bf8540e8c6421be9f272690207e8e2642d8e1e3ff9a6e47b09cbecbda

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3489 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:08:22 GMT
expires
Fri, 15 Nov 2024 11:08:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C29A 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
3e4a1da0bd53c2d9cd2079dc0f47c9b591591a83d10e8cf5d5fe24c9c6cd95dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fJcCqndvTxTtO_sk7b5mtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fJcCqndvTxTtO_sk7b5mtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:39 GMT
expires
Thu, 16 Nov 2023 11:09:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame E24B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 15:20:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15054
Connection
keep-alive
Content-Length
13230
Expires
Thu, 16 Nov 2023 15:20:33 GMT
csi
csi.gstatic.com/ Frame 4FA7 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp13a1cw&c=1789034463196&slotId=894517231598&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 9326 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=66923274;rtbwp=BCEE3F9130A56961;rtbdata=hAxtzyjYKd_C6hKhR1NLv-E0nr5e6MRHl6NisnqPJ5KebmIOlerPH7ZHmuUYXv7bf-pnVStFmnN0Zxk_viZ5aLOPs15HlbU0fir2436mV1bPZuuJDArjiM9NmQqbe6gZyqLfjJG1F8LbhvCEIMVFhZlkfych4hZI9VbzYw3tmzrSyapRn6d62CK-FrR29mhIoxzemDu0Q3fJ4n9O5t0IdCl9OhsYcUR17FO1hAlZdsvA41ylanR56WScaBh6rtCDv5FTk8G4x54sbOKfgecpXeEYjG_N21jOnGUIBPPUN2mPOFniYvy3OroeDehiJxP16R7UzS-NJGniH-f8xpRkzahY_zJp1rn7GO2DzdV9Q5NU-rh9SZR-zGjaWJPaE6InEiIfYSqsStTAvO8molaN6d96MaC3lux9nkibjpk2krfkhszg31y2U9XGBrJrSoRDf5Q_yH46D8DXVeRygR7ZPeyk21BazGM4iqYzEXZ90qPDeIjrSAcYFw2;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/6cfb3b4a-7c6a-4764-84a7-00f6fdf9e5d8/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:58 GMT
img
sync.mathtag.com/sync/ Frame 0213 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x4 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:39 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x4 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 16 Nov 2023 11:09:38 GMT
tap.php
pixel.rubiconproject.com/ Frame 0213 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=mnDCyDbfnTRAUffBjESs9sowWjAW5HlICxSTsgEr1q8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0213
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSgwy4U0Ufgdd7md16YCmOGyb4qQYrFQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSgwy4U0Ufgdd7md16YCmOGyb4qQYrFQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSgwy4U0Ufgdd7md16YCmOGyb4qQYrFQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 0213 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:38 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 0213 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 0213
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AMav111NabHvOyK5A3wtEK7Azazdyj1DoLAFcN-6NC8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AMav111NabHvOyK5A3wtEK7Azazdyj1DoLAFcN-6NC8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R2C9EYWPGGKM66D5C4GJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=AMav111NabHvOyK5A3wtEK7Azazdyj1DoLAFcN-6NC8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
occ
ups.analytics.yahoo.com/ups/58488/ Frame 0213 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 0213 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132973214
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
server
Kestrel
content-length
70
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ Frame 29EA 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f1dac38e5b87f11a63623e57b99f09fde3d7c082a374c5f7a3cf92d9ec84e029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5848
x-xss-protection
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2E51 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1322757
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
826f4872bde70e1a-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
adx3.adform.net/adx/ Frame 4FA7 		65 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 4FA7 		156 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=254215743174824&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=782CD5D8-F6C7-4D86-ABFF-ED4F4E66E6B1&nel=0&eid=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132979624&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2423833650937467&ged=ve4_td9_tt1_pd9_la9000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 4FA7 		156 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=254215743174824&cust_params=mt_fln%3D1.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=782CD5D8-F6C7-4D86-ABFF-ED4F4E66E6B1&nel=0&eid=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132979632&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2423833650937467&ged=ve4_td9_tt1_pd9_la9000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 4FA7 		156 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=254215743174824&cust_params=mt_fln%3D1.3&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=782CD5D8-F6C7-4D86-ABFF-ED4F4E66E6B1&nel=0&eid=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132979636&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2423833650937467&ged=ve4_td9_tt1_pd9_la9000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4FA7 		156 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=254215743174824&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=782CD5D8-F6C7-4D86-ABFF-ED4F4E66E6B1&nel=0&eid=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132979655&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2423833650937467&ged=ve4_td9_tt1_pd9_la9000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4FA7 		156 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=254215743174824&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=782CD5D8-F6C7-4D86-ABFF-ED4F4E66E6B1&nel=0&eid=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132979658&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2423833650937467&ged=ve4_td9_tt1_pd9_la9000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:39 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 4FA7 		156 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=254215743174824&cust_params=mt_fln%3D0.8&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=782CD5D8-F6C7-4D86-ABFF-ED4F4E66E6B1&nel=0&eid=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132979678&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2423833650937467&ged=ve4_td9_tt1_pd9_la9000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 4FA7 		34 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=254215743174824&cust_params=target%3D0.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=782CD5D8-F6C7-4D86-ABFF-ED4F4E66E6B1&nel=0&eid=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132979713&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2423833650937467&ged=ve4_td9_tt1_pd9_la9000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
70d904c770393729e15856ee04c32e100fe50982a4de36d540a7fd7096afe6f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5041
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&pfid=68&env=js-web&ut=1&cid=1159743&gid=1098415&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=-7NEzr7s6yBX_pU_bGW88fSI&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1098415&dsp_creative_id=1159743&fms=9&p=yxLs_7GR44pQ3HQUYIJa3mAUV_l8yL4cL3TPoP5zPbIXAQ&cts=1700132973105&cs=869993016909289065305&1700132973105=&slot=native&fv=1288&ts=1700132979992&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pageId=154680&pid=169092&hb_provider=prebid&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&pfid=68&f=1&slot=native&fv=1288&ts=1700132979992&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame 3EBE 		9 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiC_5EYor4VDMkoJAAAAAAAIKz8hmpmZmZmZ6T8omq6t1AkyGyoZChUI2Z0KEgNVU0QaCmltcHJlc3Npb24YATjmtR9YBWDmtR9w_LsfeLLyKZgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFqCAUQ9AUYp08g-KEQKgQ1NDI1MP___________wE6Bm1vYmlsZUITc3dpc3Njb20gc2Nod2VpeiBhZ0oIc3dpc3Njb21SDWV1cm9wZS96dXJpY2haDHNjaG5laXNpbmdlbmIHc2Nod2VpepoBCnd3dy5iZzMuY2-gAQKoAQO4Ac83wgEGcHJlYmlk4AEB-gE0EjAKFgiUn4Gvspu8v6QBEMedjd-issbXgQESFgjendGChf6q3IYBEP7j1cHn96XolAEYAIAC6NPJvr0xigIHV2luZG93c5ICBDEwLjCYAgCqAjZBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWGyAhoKFgjzjemj2Nf_pOcBELnP2-Ohy_3DrgEgANgCAeACAPECDCJ3TpPi5z_4AgGAAwCiA5gBaHR0cHM6Ly93d3cuYmczLmNvL2EvaHVhbmctemktamlhby14aWEtYmlhby16YW8tcXUteGlhby1kaW5nLWRhbi1iZWktbWFpLWppYS15YW8tcWl1LXpob25nLWRpbmcteWkta2FuLWppZS1xaWFuLXpoYW5nLTViZWktemhlbi1kZS15b3UtZGlhbi1ndW8taHVvLmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAOoDJwoHCAAQARj_ARIECAIQARoECAQQACIECAMQACoECAUQADIECAEQAPIDDjE3OC4xOTcuMjQ4LjIz-AMCgAQA&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=GBWTDfj__KganGhfyFpzocmZa0cFvm3JamKZB58DIBSt7g&psid=415253&checksum=-1457791312
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bc1af57161c4472d8685665535dd20c2bf6456bd17264e782582da673abd666e

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
9498
expires
Thu, 16 Nov 2023 11:09:40 GMT
async_usersync
ib.adnxs.com/ Frame DB2F 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
an-x-request-uuid
f0b5d391-34db-4264-8b23-30c95a1a5f69
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame E34F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.132.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-132-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a99098366c1444ebbebb98877a97632f7fc529bb3869dcc6825bf07fd76cd0a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 16 Nov 2023 11:09:40 GMT
etag
W/"0ea661e402e440095a8bc491bd190fed5"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame EEE2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
70d5fbcd70005c02611c87715a5dddb1bdd69f8b89d817b2562b8dce42386877
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1134
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 06DD 		919 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8b38a35e782e5a5b7e8551d198d849ce7998585901c25ee90802ffb3e7e9dbf4

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
919
content-type
text/html
date
Thu, 16 Nov 2023 11:09:40 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 60FB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2817288f01a2a5b60287ffd311855262da7663f5e579a8cc2b108db189c089

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
826f4877f9730229-ZRH
content-encoding
br
content-type
text/html
date
Thu, 16 Nov 2023 11:09:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BzXdfYtwP4ylxJ%2Bqer4iPXO9XTPgfKdCpPlBEK8koZbBUDYCD7qf3xJdKcqJpQ1BP%2BhpbTuMbv8eq9m%2BEPxpJDoGXjCD2gsZG9eYi2gsVW%2FbWCPRBuqxT9CAtNufd2RJTRr8AbjVPvVJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6187
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 11:09:40 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 16 Nov 2023 11:09:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 598D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166235
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 16 Nov 2023 11:09:40 GMT
expires
Sat, 18 Nov 2023 09:20:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 26F3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
a11c9ad208f3730d8e94ac082c08e4741650425e7273f450c45055f84a39e12b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Thu, 16 Nov 2023 11:09:41 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-id
43ypIURySRoXZ7YpF2SoDlboPegl2SBgZ06j19DP5lb9CDnbfm-ZUw==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame C7DE 		0
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 9E21 		728 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.198.128.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-128-71.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
072cf9c4e19bc722c3c45a42bbf606c47dca29a7b00c3e4f7f18b6e69ffb6c3e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
728
content-type
text/html
date
Thu, 16 Nov 2023 11:09:41 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=500845215933131403
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=500845215933131403
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
an-x-request-uuid
6fde90ef-f606-4b92-8649-a8993e3ba641
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=500845215933131403
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Hql9uGZH1CvkZeCYQnORcCxJ
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Hql9uGZH1CvkZeCYQnORcCxJ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Hql9uGZH1CvkZeCYQnORcCxJ
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 7367 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 16 Nov 2023 11:09:40 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
rtb-csync.smartadserver.com/redir/ Frame 7367
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=6795921952
  • https://sync.1rx.io/usersync/turn/8640911169531480051?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1e642822-5...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
date
Thu, 16 Nov 2023 11:09:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1e642822578c4c319f7ec461572976c2003
content-type
text/html
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5144588527489820076
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5144588527489820076
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5144588527489820076
Date
Thu, 16 Nov 2023 11:09:41 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=6d7abaa9-6b75-434e-8d6f-8026df56dbea
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=6d7abaa9-6b75-434e-8d6f-8026df56dbea
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-18
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=6d7abaa9-6b75-434e-8d6f-8026df56dbea
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Thu, 16 Nov 2023 11:09:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
date
Thu, 16 Nov 2023 11:09:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lY...
  • https://ssp.disqus.com/match?bidder=29&buyeruid=LT3Ny37GwtSv&r=Cid1YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS...
  • https://us.ck-ie.com/ztg897.gif?gdpr=&gdpr_consent=&us_privacy=&coppa={$COPPA}&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D30%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3DCid1YS1hYmM0OWY2Yy0xN...
  • https://ssp.disqus.com/match?bidder=30&buyeruid=e7263fa27e5f17dd1d81f8150f3d92e488a577f3ae8578e3e855f1f99803fb18&r=Cid1YS1hYmM0OWY2Yy0xNzgxLTNjYjUtYTFlMS1lYzZlNzc1MzZmMzEQ____________ASpTaHR0cHM6Ly...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-abc49f6c-1781-3cb5-a1e1-ec6e77536f31
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-abc49f6c-1781-3cb5-a1e1-ec6e77536f31
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-abc49f6c-1781-3cb5-a1e1-ec6e77536f31
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
date
Thu, 16 Nov 2023 11:09:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 7367 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
sync
ads.servenobid.com/ Frame 7367
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 16 Nov 2023 11:09:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 16 Nov 2023 11:09:40 GMT
Logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/87219646/dirty/ Frame 29EA 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/87219646/dirty/Logo.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
fe2d5eca696d0eee3aba2ff6a6c41931a3825cac085ed49385ba22d06ed52b2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 23:09:34 GMT
x-content-type-options
nosniff
age
43206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5830
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 16:17:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 23:09:34 GMT
60001484_20231027051743962_prod_03.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 29EA 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20231027051743962_prod_03.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
3b35fdd96e2f5653cd23a72bb5f0de5f3c9e5ad5dc6770259c27c902ec6de2a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:17:02 GMT
x-content-type-options
nosniff
age
49958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142595
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 12:17:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 21:17:02 GMT
60001484_20231027051740206_prod_02.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 29EA 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20231027051740206_prod_02.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
0ad1b7c562fef991ebd6d45c32d120ab2799c448db22d95b15528a35af9ff69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:17:02 GMT
x-content-type-options
nosniff
age
49958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122357
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 12:17:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 21:17:02 GMT
60001484_20231027051736555_prod_01.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 29EA 		237 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20231027051736555_prod_01.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
69f29a3e2fa1f86f96fb1270fde16b4596ad4cfde81be067e46ef777bec1ae84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:20:42 GMT
x-content-type-options
nosniff
age
67738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
242592
x-xss-protection
0
last-modified
Fri, 27 Oct 2023 12:17:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Nov 2023 16:20:42 GMT
60001484_20230921233850223_visual_ingenieur.jpg
s0.2mdn.net/ads/richmedia/studio/60001484/ Frame 29EA 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60001484/60001484_20230921233850223_visual_ingenieur.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
sffe /
Resource Hash
44603e9bad4a7793dae8bb50619434b2dd6871174632f8486291230e2c3bcba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2994967784453244426/index.html?e=69&leftOffset=0&topOffset=0&c=V0csK58Cww&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 04:05:48 GMT
x-content-type-options
nosniff
age
25432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256992
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 06:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 04:05:48 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3623 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Amxi7vKwIkzyVSKCdt1zp8Yf0edK8nzS6DwP1MrmnVoxb6NeGTnOzBYudk5ia9cmrUTHTpna95XZsKNjn21uSAQ7b0R-DEWftCVHrSl0O4GSLbVyA4yWuVsDAxTUF442Z8L8vyWbjNzgK32UrjMVKr9Dw1uWP7vLTL-eQFzYyt9GSXKFY&cry=1&dbm_d=AKAmf-AwImAqUL3w-u-xuLF2HMWxzeDzI4jcYyiYrCyjZo8-tOYIzWy5CEu-rV7bOGkOycJ8VdnBE3YRmzTmB2_xT5-SxE7cJyyBwxfiowKDcYhyUOA_DLc8o6EPA3ECxxq-WPXEQ3TWVWLxhDT3A5wN8Q39IthLso-qMb67oN1JL8AcPhgMAcIuyPvUL06DkEv40s7hyIfTKc-6P-DReb5MkuIEE6Etx2BbKbSZCWGQOuwTo4SlghhUwopPn0DlQDvPN6HPmlaAiI9AngHAcNmLj_bJXDvsdDUxse0C5Asj6SZzEM-IhVR3GB98Xsf9y9UggV2gBm2MMGwTAHDO11O5VgirNj0ED1hRmWtYEllralP9SULoif43dFhZZA106Fo4qNzuoTxq8eiL-AX7o6wcqxoHGSfjHDjScYAz5jRLt5UD-ZXKuQOs_3CdJwnyOVbpfgxyAHJ-I57PbMkdfGXB0yE5JtMgKpGQmnhnXwJnNXRqsiqg2-byWlPm-LxlkthRvSg8sb06HjiTQMElu0ycqtxd7RSf7jy1h9z9Hll26dgjjDKEB7H7bkS5RiEyo-IH2XahQDrvpticcj_pkxW7PiJVA9twGlt7c4UNGF3WN6MKK1TFHe_UXDBMG-_OQg_zS8dCvAVLdWeSd9WEfg4WIp8CTmUvOBDFshxvWXgtRymCEVrNVgx44bLsVszj-QQxEd1naJ41HbkYd6vFjRsldqm4AO9vDqlQIGZ-jZDMeJS6nury7QiysC3L6r8DfCEbWaZsxe6MkFMZwzrd9MndvjsKBJe2prxKukfVDAwoWDb50mdyEBdzJaeaQEv7KfnRuJFEk7VPnR5VplFM7ieQ9jpj5g3qN9S9TipMnrxJZD5QvemOwsTtYAd4svW-GmDPUD9-UpK-PjtlJDD3lqjqEBCblE0MQjfD9dzvz8dUCeQCBGC9G33zleFVzkSw3MBKaGwUekg-sTAzI_KrieLXFGzvolPKCKzInFn-0zUD6LvWrK5uzWyFtn2rPEE-KBvWKlR6sFsvc4fLz2VeF4Nr53CggfJHArQdp5c1UD2B7-rt7brUu-M_5eNkhp2NzhzQhwZFkdWrPUPP-Z5NBC6kgcELaj-b6t0L9b5BVb4jlQ7udqJv9p5rfIMHjFmDNtmNjcEPWJCgzbheCXxn68j3J1HCyW6SjASFP7YhAUvVqka3HWIgTFyyUqT5_-ScM6SbwYWUsFeG7PS1JTvyWxJufRm3o8H4vyEqVHcZGWzXa9AmQb-wMq2OymMxHHS3bqFI1MFGhRrJJiZAIaVsMvQpWzizhPeMvOiOSq_faOJ_057hNmK0lLOTiM5FBk_PiV1byoW8ivzmloP2Qzcfw8EHw9O1twVFAHzAgBk3k6LAbSwulVGpA4wBUvEgy4J1Ookmb8bf6YnmeTQWbz8Chnn67wk0YW0XeV19HaAlw0h9Fw9GOXjedotn_TZi2hvbJkVjtdw-mWEpWQgx28PCpMC_IbnhjULJdGt1EYgN_EX44ZQPfDb7lOQHLwjGf8OZln6eX1hH3_V-DUqARSI6D9dhN91SQQPg9uORa2bW6u-XzicUri6h9I2I-K89L3ovogtvQMKhJuyfBoB_1Yi2SpdXQW0rf6ZOaZAQC8WxaholhdXT9qRWiRhIXORlBvmREwd1GIX_-JyS1d3_hHRFbK9lY1VvhKLr2Uu6krJgy6I6kjdLcSO9PvnqqZdGTezd2lPVEOacUQTiOW2ospn_Msy81_dE97BQhlaSS_u9z11fWB1og3dZX1P0UOQGJHi6wU_nLQ7beK1ttz37Gc8vzIZlDM4WkOhsZ7WKhS5tzgR4y8S4_E8hvTGhSeOI5NGlL_XvI7xUZvqMGCWHUjcgmd_0G0DY1hOxYzKFkJQw15LDU_iXg9at1OqAMM5ZCJdQEcTf1Vy8iBIjbpZ5sdfLceE6LqvExD1izYqS8Zm6fqx_84hqaK1fM3bfjri9zSIwvVLw2Dn7FkxRCLziTZC6YuIkdtsreG8QFjjhxHTyKy8IA8RC-vyFEND7Tn9u57sNhmYrIpqJYTHFNMdB4yUL2fKYekR7aJ77Sdsuwn4i_Ecp324I4cf7Q0g6VYe6PnpxQqKsPxtIc5WmvrKpu7aefYrkcyFTRpxrJ7OaR5yBNjMlHiz9wQO3P9HdSDjE0Ur2_IdhlEtEH9jDQ9cQendZoZkzFtJ_YT6xGmop-2X3GuWab3nbVP8WmietkYy7UlnPzVwl2RDNp8aCJBz_FJ-hAGAkRHY3rNhsBe9BX9k7ep0pGQNeI55ktICYFkua1l1cLqCRXMlxTrBcvQ22t_BCOz9K73UvHROsPFz5111Mop9q_llwn9md671VwOtwTrpPQyNk7QCcjtiLxrpIxF53tZ6GORj9AwQdqxiCHfNgCIPdC2rmTOIAhVndG2HmXRcmlgXvKFM9bAsqp5K_l-Do4VSo9RxUu--3bAb3NRUMEcktHYBPShgs4E3CK3YtnszqpgCaqqhLUVmxkIRrBEKukfJDXpRIH1zpEcp0o9txY1P68QGYWl44qNDKSq-Ad1v6B6TBVtu4IM5qZx6LSt-m977fwPBOpiGLTGVpiFd2tNLtUYhZ5d0oPDgqdKKZyGguYU-4-yjgBmjP0kO-d8B_w8hl1B8D3sreUcrX20Lg9zEmf2P50BItuhYHd7dy8Rmx5oJdNm1APgn-zZhlG2aRFfWhzVsHowOcAyIVxB5Uv02YIDPaCmibUueDIQLUpNlmI0HmvsLubrQs8eDaVzO-H_hsbdaf-g_WqHc-fv0dXrvWeioOzoxWGpqsFk-Fd-HVS_Gem_q65aZOmzj_pO3IGP4hRtapZFzov2wFJRoUocWYDj2Psv2WGuvFNwkoP2UrNP-4y9_I_Mk-6HOvNfokR06OktTPkZ4f82XUjb1hJaGpMVuDr_tCfYRslgl5c9IVY11bGsGbN6w2wzpD2CUo3T-5Uq13kp-NkMrtlqYqEWFwNFiWhHnJ4sRhMRjZPV5h5sYYE0p9swH6PDfvIkpyrc0uNw4qk0b3ZfaNEMUeqVpys-yGnC9I4aO0EIu1Q4glZ9SUhrn4Ub_Br95j4zsfX0qS-KxR77Q_IQZ2iQaglbBt0i52oCay3FswwBpZesfBWCQC9fJRs52ux-veWuSABWujVpLBqrghvnCoeyomc5iDUBxsNyfqcT4RN5tVbxIF7zAZVMAjEJCjmdOl9Wa5Rn_9JrloxusOQykw1ofzJfv9bdrvoRs2l1ubzedeYclnskc2ecgj4-9K2k2E-jq2RuRbl1yt6NYq2hoxmOs6HeHp68qcSa5GTkV-SDgMQfC_EoAYamAJtSU3dlaG4wo17ymWB2-ABNGgHQJ8Tf__SQZ_XhUJxuJZU8euBzAYQJISeD5MrKKIgiAY19GLrt_VCezBnkBteUcyg0XXd1NygK3tMRV7KHJt02ZLR0LIMim0qxpHaDq8sdQTmzyya00Y5du76JTkk6XNjbiS6TrFKNEG3tHZs-wCzp2dhiUHh1sDVNDMCGbGc2iSYcSbUwZfLZKLOEXt62wQ1aMnTPOt81dwrxlUnw30KFf4-1uF1wMC4DQLoSIGFpfwzWHcPw1gkqweAl92tkqtY892OsRP1h-sD1NhqxmIdMJD4amWgMtlESqU-jX2yBeIWQyjPCeNhA0kqP5S10IojJTm6S0UjGWlY_MtIYh-W-v7maTArm2VT8z9plIIQB-yMShEsDtTZ-GP8ylosWjaKJizXCF2dZrQ5Z9tM-4QY-Fqq-fbqXeH6ezcM87sOLOiywEehF76o7DyZyuqXuD2MmXd5yuax2KZ7JDRQqpzHByoLUjMup9FNZLGF8I3tEA2SzTZHglap7o9l_9BKEbY0wQcmUn_IydX-_dKy9XRJeFmpLwbeFazJ5R8uwIkbqIe62F9T4OQvOeBlX9N4dSnMQotZTugXajl76ItSOVVPphu8MrmMLYEunTCOb-g8Q1FdT3rFzonnr--ZDK60wguAA&cid=CAQSPADICaaNen2ulRd4LXLlSvD7FssKAhQxgICobLolEYhcW4D1lkvUNkW2E-sN0xkhdWexZ3rqieBpiUX17hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=5713786660072100000&adk=676413724&idt=180&cac=0&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 05:44:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
537929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 05:44:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDEzMjk3OTEzOTk4OQogIHNlcnZlcl9pcDogMTc1NjI1NDc5CiAgcHJvY2Vzc19pZDogMjUzMzQwMjQ2Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 3623 		0
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDEzMjk3OTEzOTk4OQogIHNlcnZlcl9pcDogMTc1NjI1NDc5CiAgcHJvY2Vzc19pZDogMjUzMzQwMjQ2Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDc5NjcyNTc1NjU1MjAwODU1NwpkZWJ1Z19rZXk6IDExMDYyNjY4MjE0MDM3MzgxMzE1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0xNiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMDU4OTM1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MjY3OTAyMDkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTUzNzU2MzkKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xf592583487e57c4e0000000000000000","13":"0xf2270847e08a2b9e0000000000000000","14":"0x71f32625e04d52e60000000000000000","15":"0x6338d1354d09e6d00000000000000000"},"debug_key":"11062668214037381315","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"14796725756552008557"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 29EA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 11:09:40 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B068 		2 KB
859 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca3a96a6cd254e9abe986a1eeafd65644b11b0de41b80f10bc9c46e321ef249

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
826f48789a880229-ZRH
content-encoding
br
content-type
text/html
date
Thu, 16 Nov 2023 11:09:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WwV%2FYfk1%2BfUKnrWPSqr9lkVm1ExoniYaeObG%2BwhDr65lyeotU%2FDVvQovstfkCa5qjmuIQuHXPFGn2ns4Q3SjK2MyYYjGWsVbKCBht0LMfFVeGcgm8nUZhnVw011Ih7WGd04tvOOkSUkKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame D89E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qVqIgvlXioeyDo6B-w2Q0a5c39SyXIyP-VczmBGO
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qVqIgvlXioeyDo6B-w2Q0a5c39SyXIyP-VczmBGO
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=qVqIgvlXioeyDo6B-w2Q0a5c39SyXIyP-VczmBGO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D89E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077481175515758965
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077481175515758965
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2077481175515758965
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame D89E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=edd77cc0-ab86-84b7-a680-17025a4dc710
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FAZEDAZAVKGSTHY62VTY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame D89E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=b50100bd-b72c-3f4d-668e-9595327e0cf0&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame D89E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTk2ZWQzNzctN2U1Yi02MWU5LTczNmUtY2YyY2Y4OWNjMjkw
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D89E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKTdiBhnS5gIM9IZQZnWDg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame CC49 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700132976870
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e18ced8c602ad6449e62c9022238946d78d0c8a351190504d119ad353e997d1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1209
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
track
t.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=68&gid=1098415&sid=174681&brid=7119&cid=1159743&rpm_reason=3&ut=1&p=wTqRhmVR8UOvmna_2LbbCPI848Odx50j3VfZq5BN_YMXFK95oEaqfHAlK9B6etSszn0&cts=1700132973107&cs=-286826924108079309905&slot=native&fv=1288&ts=1700132980626&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame E59D 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
116098
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5057 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Nov 2023 11:12:43 GMT
track
t2.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&pfid=68&env=js-web&ut=1&cid=1139714&gid=1076044&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=qHs7sK1iGqYweU1tlXX74ZTz&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1076044&dsp_creative_id=1139714&fms=9&p=meHaFsSVsyee2MJZbwyHMLICutBgaUHpeCI1jENJC4IFWA&cts=1700132973092&cs=-907757985579002742405&1700132973092=&slot=native&fv=1288&ts=1700132980735&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pageId=154680&pid=169092&hb_provider=prebid&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&pfid=68&f=1&slot=native&fv=1288&ts=1700132980735&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame AE17 		9 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiCCyEUozNZBMkoJAAAAAACZKD8hmpmZmZmZ6T8on4TQywsyGyoZChUIt-MHEgNVU0QaCmltcHJlc3Npb24YATjf8BdYBWDf8BdwtK4ieNvRI5gBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFqCAUQ9AUYp08g-KEQKgQ1NDI1MP___________wE6Bm1vYmlsZUITc3dpc3Njb20gc2Nod2VpeiBhZ0oIc3dpc3Njb21SDWV1cm9wZS96dXJpY2haDHNjaG5laXNpbmdlbmIHc2Nod2VpepoBCnd3dy5iZzMuY2-gAQKoAQO4Ac83wgEGcHJlYmlk4AEB-gEzEi8KFgiUn4Gvspu8v6QBEMedjd-issbXgQESFQi6krniqfHH40EQ66-Yx8O7h_6NARgAgAL808m-vTGKAgdXaW5kb3dzkgIEMTAuMJgCAKoCNkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YbICGgoWCPON6aPY1_-k5wEQuc_b46HL_cOuASAA2AIA4AIA8QIAAAAAAADwP_gCAYADAKIDmAFodHRwczovL3d3dy5iZzMuY28vYS9odWFuZy16aS1qaWFvLXhpYS1iaWFvLXphby1xdS14aWFvLWRpbmctZGFuLWJlaS1tYWktamlhLXlhby1xaXUtemhvbmctZGluZy15aS1rYW4tamllLXFpYW4temhhbmctNWJlaS16aGVuLWRlLXlvdS1kaWFuLWd1by1odW8uaHRtbKgDALIDAmNougMGQ2hyb21lwANZyAMA0AMA6gMnCgcIABABGP8BEgQIAhABGgQIBBAAIgQIAxAAKgQIBRAAMgQIARAA8gMOMTc4LjE5Ny4yNDguMjP4AwKABAA=&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=DzDpTMedm11793YTZjFAc2AkPKoySUmEI6VD6WtCpXhCnw&psid=415253&checksum=280795408
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
189abb7ba495caf93baceba77b945913ed763e67902af69f79381afdaba5c7cd

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
9406
expires
Thu, 16 Nov 2023 11:09:40 GMT
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame 3623 		0
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700132980803&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1573&pt=1637683408&tz=60&viewable=true&ddast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
content-encoding
gzip
server
nginx
machineid
1412
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 60FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLqTIK8j3HosrY%2BsSlQm%2BX0fAv7WZHwwfxygZpdsvQLEsDtXj3HOC1HJRXdAhwmt0Yvn%2B9l6NLydMcVlvfAvC5fUwbshYLmgNB%2BUdRisz8HeCyvtOi3%2BIf%2BNsItkdc4kUXppDzjHbyVdrg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487e7aa601df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame 60FB
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=6685f683996d48458eb1972bc255fa2e
  • https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Date
Thu, 16 Nov 2023 11:09:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
casale
match.adsrvr.org/track/cmf/ Frame 60FB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 60FB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
557EY7R1N7FS6C6W9FM4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 60FB
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1022322488938986752&gdpr=0&gdpr_consent=
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1022322488938986752&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzV0CBBds1qNVz45zvYQAa0eF9yZrSu%2B%2Flq5631h5p%2ByFF8RiHms6M4B0ks1U9QUn8J7CFJJIa1RZETZUwtIr6FKSmPeAq14tv%2BQ8qN%2Boi6J6Pi3L2dp6NSi3aDkN9zoPExfAMMfU7yORA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487dd97101df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1022322488938986752&gdpr=0&gdpr_consent=
date
Thu, 16 Nov 2023 11:09:40 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 60FB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=92ECAA55306B4FD395D26EC89C178274
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=92ECAA55306B4FD395D26EC89C178274
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDIKyV%2F%2BuE5zxSRr1KpNEKiqhFcwZaV%2Bmt7l%2Frijnv01kVtmbzWoYvNpeQiOMoKUjBjbbaSwgGHFvhK2fVT681gY24%2FVpPbJXp%2F1YRCIBfCW6wX07F1jYxCd7H6w9gdt3EMDJTYGUx%2FIXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487fbcb301df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 16 Nov 2023 11:09:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=92ECAA55306B4FD395D26EC89C178274
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 15 Nov 2023 11:09:41 GMT
CookieIndex
rtb.adentifi.com/ Frame 60FB 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.57.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-57-210.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
rum
r.casalemedia.com/ Frame 60FB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xljJeq3aIIVf27IvNVpZn%2FpUb%2B62Km1fIFaTOGYqOZ7w%2B%2BENs43IgdlxLJqute9JVuOnuedyN8gf0Qg9phOYPXjjOhWk6VK%2BlA%2FPs79KJYgZZpzCJMvet1Pisz4%2FYbM3MjCP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f488678a60229-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 16 Nov 2023 11:09:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.servenobid.com/ Frame 60FB 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
pippio.com/api/ Frame B068
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVX4btzE3ScfCHXUwhjfswAA%265237&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=61f9850ba7034904a6a79668bd7d6ffa
  • https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Date
Thu, 16 Nov 2023 11:09:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B068 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.168.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-168-131.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B068
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=500845215933131403
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=500845215933131403
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3OtoXCb86KIBBGQD0oIpWPpG4Pb6cPY41pkZMsLE1BUVOKcEDp%2FeqvLRT849WUuUpG9XIum59HpUxcGR1kBouRihYhvXPAPXYjb20YVIC1CBe0uv%2BCoAcb4h5QEEfMZTpl%2F%2BqlCff9ayg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487d182d01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
an-x-request-uuid
d349f77d-c63b-4bfd-8a70-c5412b3fb7a6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=500845215933131403
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B068
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXxE7Kq_EAABTv7sfYQQ&expiration=1701342581
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXxE7Kq_EAABTv7sfYQQ&expiration=1701342581
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd3e8kWzRNltAqfe3ixhqImWF5eclNS8MXArPtxbawUeUoLjVcrg4km7okHiqL3QMpvRM1No7gw0h3GErAoKB6Iw9bB2ebgNckshkCumaPDyq5ZybD%2FxpZbWJYt%2Fvh3%2BwaRFTIWQ8ZY4MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487e7aa101df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHXxE7Kq_EAABTv7sfYQQ&expiration=1701342581
Date
Thu, 16 Nov 2023 11:09:41 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame B068
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsOJqdyo1giE%2BXRbr1am24yr4iRFa7hvum%2FwQHfHDJfCX6K68ZOfVbiUV5jZz4sCTj%2FtDxe3h83qwv%2F2fWZTxhXRyLvSmfSV%2Fpa5sHWvLhbzoJMw9p7dcsKdZg8rgVDsUN93QxseZXwW3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487ffd2f01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENj41yeJ4fJ2W4FQNdauhEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B068
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crykGFxSiySgaLF20HigLlZ3OE9LAONilhJxOQ06WOem4EBMaHQUfy9dZzlInFnJXi5IXbmwKQLie%2BOyRZcI2BnA1EQVcaO1q0VIWe6kav03HQt5lLS2XMiznA6LLEV0ABHOJnmjDvZymQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487f9c7c01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Thu, 16 Nov 2023 11:09:41 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B068
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrTYWDCKGuMVLQKZYKYvo3zRIkX%2Bq2%2BCpClrf6qapuTnQWWMxHGxSngiphkaek3m6dLGNU1o2P60Y5%2F9KkSvQncw74pnLBIgqqkwCA0mIh%2B7ppA45xnqYyYXZPFydu4inljXJInRfTC2Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f488248c801df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame B068
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f194886c-a459-4bca-b87e-fa585f8f6de2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f194886c-a459-4bca-b87e-fa585f8f6de2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZXkC7vyEK0gHYo1v0ZhyeOcQKojjE%2B4jB6vnlqHDJjBeYEQVwQAqc89BEqoB4XI69m0mknY3tgx3wFpSssQKs%2BXRr%2BnjcU%2FJpr5YG%2Ft19JzOgO7RW8nEZ6MiUrziG%2B0D3meI%2Fs%2BvqIIoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
826f487ffd2d01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f194886c-a459-4bca-b87e-fa585f8f6de2&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 16 Nov 2023 11:09:41 GMT
server
_
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame B068 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVX4btzE3ScfCHXUwhjfswAA%265237
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
30251
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
826f487ce9f024c0-ZRH
content-length
43
expires
Fri, 17 Nov 2023 11:09:41 GMT
sync
ads.servenobid.com/ Frame 06DD 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1022322488938986752&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 06DD
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFtILp1V2GFKdwBJi0JP504&gdpr=0&gdpr_consent=&google_cver=1
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFtILp1V2GFKdwBJi0JP504&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFtILp1V2GFKdwBJi0JP504&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 06DD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4296390461623842244&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4296390461623842244&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4296390461623842244&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 06DD
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 06DD
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=7834643693
  • https://sync.1rx.io/usersync/turn/8424738387417696243?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1e642822-578c-4c31-9f7e-c461572976c2-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-1e642822-5...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-1e642822-578c-4c31-9f7e-c461572976c2-003
date
Thu, 16 Nov 2023 11:09:42 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1e642822578c4c319f7ec461572976c2003
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame C29A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2881380289823243&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/adfserve/ Frame 9326 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=66923274;rtbwp=BCEE3F9130A56961;rtbdata=hAxtzyjYKd_C6hKhR1NLv-E0nr5e6MRHl6NisnqPJ5KebmIOlerPH7ZHmuUYXv7bf-pnVStFmnN0Zxk_viZ5aLOPs15HlbU0fir2436mV1bPZuuJDArjiM9NmQqbe6gZyqLfjJG1F8LbhvCEIMVFhZlkfych4hZI9VbzYw3tmzrSyapRn6d62CK-FrR29mhIoxzemDu0Q3fJ4n9O5t0IdCl9OhsYcUR17FO1hAlZdsvA41ylanR56WScaBh6rtCDv5FTk8G4x54sbOKfgecpXeEYjG_N21jOnGUIBPPUN2mPOFniYvy3OroeDehiJxP16R7UzS-NJGniH-f8xpRkzahY_zJp1rn7GO2DzdV9Q5NU-rh9SZR-zGjaWJPaE6InEiIfYSqsStTAvO8molaN6d96MaC3lux9nkibjpk2krfkhszg31y2U9XGBrJrSoRDf5Q_yH46D8DXVeRygR7ZPeyk21BazGM4iqYzEXZ90qPDeIjrSAcYFw2;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2fams3%2f0%2f6cfb3b4a-7c6a-4764-84a7-00f6fdf9e5d8%2f;js=1;adfxid=1x;9434;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
07bbebd59e313af27f217a7b805716c87cf554d6efca2bab2af7723d21809c88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2870
expires
-1
usync.js
eus.rubiconproject.com/ Frame 6187 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 15:20:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15052
Connection
keep-alive
Content-Length
13230
Expires
Thu, 16 Nov 2023 15:20:33 GMT
csi
csi.gstatic.com/ Frame 4FA7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp13a2ls&c=1789034463196&slotId=894517231598&ghmsh_eids=44715336%2C44772139%2C44777649%2C44781409%2C44801480%2C44802074%2C44802463%2C44804291%2C44804615%2C44804617&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame 4FA7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp13a3v7&c=1789034463196&slotId=894517231598&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame 4FA7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp13a3vj&c=1789034463196&slotId=894517231598&nlc=1&nlrh=0&nlri=0&nlrs=1&nlru=0&nlrhc=false&wta=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=uncat&pfid=68&gid=1076044&sid=174681&brid=7119&cid=1139714&rpm_reason=3&ut=1&p=HMHpCLtiUz4px0Fryu3LJBNeUaHy-5ogOotMCp4pogZtRVBUss8Bm5j38jJjC-Iardc&cts=1700132973096&cs=-766654375246833854905&slot=native&fv=1288&ts=1700132981168&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame EEE2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSieDBFX19xk-PXYiqOH1TTbdkL5X4OA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSieDBFX19xk-PXYiqOH1TTbdkL5X4OA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSieDBFX19xk-PXYiqOH1TTbdkL5X4OA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
img
sync.mathtag.com/sync/ Frame EEE2 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:41 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 16 Nov 2023 11:09:40 GMT
tap.php
pixel.rubiconproject.com/ Frame EEE2 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=AMav111NabHvOyK5A3wtEK7Azazdyj1DoLAFcN-6NC8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame EEE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame EEE2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GXZ60BJDT6M8DJXKH2DE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
generic
match.adsrvr.org/track/cmf/ Frame EEE2 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ads.servenobid.com/ Frame EEE2 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=AMav111NabHvOyK5A3wtEK7Azazdyj1DoLAFcN-6NC8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
iframe
sync.teads.tv/ Frame D011 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
87d8ca2fb4873aab80c639cc801e6482a11c9259dfa81609ba8f0d6a7774f63b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:41 GMT
expires
Thu, 16 Nov 2023 11:09:41 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
track
t.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1098415&sid=174681&env=js-web&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pageId=154680&pid=169092&hb_provider=prebid&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&pfid=68&f=1&slot=native&fv=1288&ts=1700132981178&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
performance-image-dco-facf32d3-740d-48bf-adf2-4048ed2453eb.jpg
s8t.teads.tv/creative-e7ab6051-78c6-11ee-b1b1-1b6012379357/ Frame 2A19 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-e7ab6051-78c6-11ee-b1b1-1b6012379357/performance-image-dco-facf32d3-740d-48bf-adf2-4048ed2453eb.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d33dd352a622c15dc19cb9ba8202dccdeaaa64859acdb38eafb01eca72fac0c0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
x-amz-request-id
DMXR2BT53GW8Q5ZJ
x-amz-server-side-encryption
AES256
content-length
178620
x-amz-id-2
2JF4QWJ7QoM0sP/PimVjt+cpwpLsOtkQIU1uk+yZQwScNQw0TbyWZtpXhBWVY8acgShammGZ3Ow=
last-modified
Wed, 01 Nov 2023 14:59:40 GMT
server
AmazonS3
etag
"1a30b6984990689cb83a43a171586ed1"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 15 Nov 2024 12:16:21 GMT
track
t2.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1098415&studio_cid=e7ab6051-78c6-11ee-b1b1-1b6012379357&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980046&cid=1159743&pid=169092&erevenue=NIW_frVhv-4ZV1P7DwtaLp6d&erevenue_curr=CHF&fms=9&p=fNgrXm05b7-8zpKW2Ot5HF-4kYJXN9MgDX4WkI3V3WL2qXpwIxT17uC4onmWBLDpVgy0RdALOlQjABJkOnLXmyZx7utjuSEq5WS8Otx5eQPLFmUISLrnXEUlJ6IIa95BLHBgCNabrhR5-hplzSmuOVm0imD9aKGlpyqDTaCpCQl0IkbTivstmg6ujPOJeJFzr_sje5KdtwbF_KdTI2d3aUTB0L81C_RW3tXmxkgIxqfrfjYTCzD6nCVkiYUpu5XEpiTCytnsXS9BksDL3dnClnkjbmpbtCT1YLudeRgTquSjmwVqqawYGtq0SiQ4fxibQaKsznJiWTJ7KVWIOlb2NyFHSTXhmCnf-1ok0MXJG_LxmA&cs=347100082367134096305&slot=native&fv=1288&ts=1700132981221&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
B30649609.380086671;dc_pre=CIKLrfOwyIIDFaeJ_QcdOxcMOQ;dc_trk_aid=570662925;dc_trk_cid=203460367;ord=1700132980045;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N1595888.2664817TEADSCH/ Frame 3EBE
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1595888.2664817TEADSCH/B30649609.380086671;dc_trk_aid=570662925;dc_trk_cid=203460367;ord=1700132980045;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1595888.2664817TEADSCH/B30649609.380086671;dc_pre=CIKLrfOwyIIDFaeJ_QcdOxcMOQ;dc_trk_aid=570662925;dc_trk_cid=203460367;ord=1700132980045;dc_lat=;dc_rdid=;ta...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1595888.2664817TEADSCH/B30649609.380086671;dc_pre=CIKLrfOwyIIDFaeJ_QcdOxcMOQ;dc_trk_aid=570662925;dc_trk_cid=203460367;ord=1700132980045;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1595888.2664817TEADSCH/B30649609.380086671;dc_pre=CIKLrfOwyIIDFaeJ_QcdOxcMOQ;dc_trk_aid=570662925;dc_trk_cid=203460367;ord=1700132980045;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2A19 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
img
sync.mathtag.com/sync/ Frame CC49 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x11 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:41 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x11 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 16 Nov 2023 11:09:40 GMT
pixel
cm.g.doubleclick.net/ Frame CC49
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSizt6dHOwGlhtpi5TioZh2LbIQBKB5g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSizt6dHOwGlhtpi5TioZh2LbIQBKB5g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9fSizt6dHOwGlhtpi5TioZh2LbIQBKB5g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame CC49
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6TM1B377A1N4MQJSG4XJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
generic
match.adsrvr.org/track/cmf/ Frame CC49 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame CC49 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=1U8f_bMO6uk-n_MBm8QsGzmFvhxCtZeq_8QGBmLQ_dE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame CC49 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame CC49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
occ
ups.analytics.yahoo.com/ups/58488/ Frame CC49 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700132976870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=500845215933131403
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=500845215933131403
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
an-x-request-uuid
c7a8feee-68c0-4d67-9af1-4167c0d7299b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=500845215933131403
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9d726155-dce4-4d7f-b50a-496a4d8438bc&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=dc3c1384-0302-4d38-99dd-0a9e2e8a8312&ssp=gumgum2&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564
  • https://usersync.gumgum.com/usersync?b=bsw&i=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&us_privacy=
date
Thu, 16 Nov 2023 11:09:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=8f827ad9-cf37-4959-9357-d1a0915d56cb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=8f827ad9-cf37-4959-9357-d1a0915d56cb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 16 Nov 2023 11:09:42 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=8f827ad9-cf37-4959-9357-d1a0915d56cb
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8d088009-e5eb-4ede-5f07-e3c376857bf2$cell
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-8d088009-e5eb-4ede-5f07-e3c376857bf2$cell
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-8d088009-e5eb-4ede-5f07-e3c376857bf2$cell
Date
Thu, 16 Nov 2023 11:09:42 GMT
Connection
keep-alive
Content-Length
115
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Z5MDfmNE2pdcEW6YUdmewv7GWAQNlKMHw_T7~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Z5MDfmNE2pdcEW6YUdmewv7GWAQNlKMHw_T7~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 16 Nov 2023 11:09:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Z5MDfmNE2pdcEW6YUdmewv7GWAQNlKMHw_T7~A
content-length
0
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=443381ad-be1b-4ff1-8521-3fb3045f3de8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=443381ad-be1b-4ff1-8521-3fb3045f3de8
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=443381ad-be1b-4ff1-8521-3fb3045f3de8
Date
Thu, 16 Nov 2023 11:09:42 GMT
Connection
keep-alive
X-CI-RTID
b27539a6-6c35-4c05-86c8-8dc794b2f465
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame E34F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9d726155-dce4-4d7f-b50a-496a4d8438bc&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_9d726155-dce4-4d7f-b50a-496a4d8438bc&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=CsLcpeFZxukIyenoxtIY&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=CsLcpeFZxukIyenoxtIY&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=CsLcpeFZxukIyenoxtIY&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=LT3Ny37GwtSv&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=LT3Ny37GwtSv&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=LT3Ny37GwtSv&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-qk6sm
expires
-1
usersync
usersync.gumgum.com/ Frame E34F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1022322488938986752
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1022322488938986752
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:42 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1022322488938986752
date
Thu, 16 Nov 2023 11:09:41 GMT
content-length
0
sync
ads.servenobid.com/ Frame E34F 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_9d726155-dce4-4d7f-b50a-496a4d8438bc
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 7A66 		0
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f487fb8e30e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:41 GMT
server
cloudflare
vary
Accept-Encoding
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 98DA 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
38859
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 00:22:02 GMT
expires
Fri, 15 Nov 2024 00:22:02 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 3489 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
4341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 09:57:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AE17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswTK4rUN7esesk0DuxE31SDvYx6LK4pt6hBn4_AYyQxT2HH8ubRmkvNmcbpEe_R6yP0JvNTI3ANXoD9RJqhD52-ZiHZjw2YbZX3U_-L7rdVK_cvB6qUuyKKNOPjmudZWIUoyw-M5ueOs1Xa5Q0wX5YmsDoqCzgODKXW-llv6pYycc1btIWqT0BVnMISmYiySNcD2YTdzrPoyRphsGEx4mH8vEi1dQoS0fv9_rzPHZ1DrXhYM4hj_diRPR_AswOqoLRind4YD8i_65ExAiXzrj02t_a30PZayl--_TWhqZbooNGYD43Ts8k5O0JLrdMAvPNGI7GqIfWYPLuMwHLjF_pdjucRihDDWk&sai=AMfl-YQjZkM6Dnwt2sIBA7FVKeVZ9UNErZRQPWAYQ4D9qi_HXPcD8npRajTfSxPPqOEPSQFube3i1KCJIM8Iu4zhNnUCtTUTtKK8e_sxeqFO8DRXsBCnT9vQkyaaEA9YHnE&sig=Cg0ArKJSzFLg0-sd6Ew3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 11:09:41 GMT
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
PugMaster
image6.pubmatic.com/AdServer/ Frame 598D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15353580&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0c4175a1c0a4f94d269222c6a1fcbc076014834b21113fd5d1e14dbca3c0f550

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.yellowblue.io/ Frame 9E21
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.171.40.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-40-33.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=b66f21b54857ce7ad1d8d01265367bc&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700132981839044-361
v1
match.sharethrough.com/universal/ Frame 9E21 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.38.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:41 GMT
pubmatic
um.simpli.fi/ Frame 9E21
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUZ9nAZfANXXa8siAXkIWk&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 15 Nov 2023 11:09:42 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Thu, 16 Nov 2023 11:09:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 9E21 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=83PWX3--Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame DB2F 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:41 GMT
an-x-request-uuid
421a92c7-7bb6-4483-a80c-d1f9537480b9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame 26F3
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4067064112270208969257
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4067064112270208969257
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
j1_JvSNGbL_tkg4DtDz9Wi2c_yxbG-KI6T98_0lR9yvomB9p4_YSmA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4067064112270208969257
date
Thu, 16 Nov 2023 11:09:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 26F3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=e1e63cad-98b0-4e5b-8cb4-d8ba190edd68
0
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=e1e63cad-98b0-4e5b-8cb4-d8ba190edd68
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
0Va0fxXXWOspl_ScicgkIeMb70m5SUpuk8KnjpapvQsvmYlZ70s12g==

Redirect headers

date
Thu, 16 Nov 2023 11:09:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=e1e63cad-98b0-4e5b-8cb4-d8ba190edd68
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
ap.lijit.com/ Frame 26F3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 16 Nov 2023 11:09:42 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 26F3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
TDsj3PKfgWCA8BoIIrfjPRe9AmTlkvqIZHzPIemRH7ZmMLT2258wYg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
date
Thu, 16 Nov 2023 11:09:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 26F3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVX4btzE3ScfCHXUwhjfswAA%265237
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVX4btzE3ScfCHXUwhjfswAA%265237
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
BlXeayaGlKwjg04_FOxI4Md6s0h2wM39jiGCZaVlnYmkPr-0fRlwxA==

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYVNUJRmwPMuvkFeobezlynx7F4DPmdtIli%2BO7tJ1y%2BOZULIYQeCZh3JBikVPSxadZe7bd4w5GrN6e8cr6bKVvAuyktWc4imQW0fqxJ6%2BLF4Ka3e88hIomPcHgqr6sewWWzxJJUo2XzYUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVX4btzE3ScfCHXUwhjfswAA%265237
cache-control
no-cache
cf-ray
826f48840b6301df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 26F3
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b8a1d49d298f6c37e0b62b5d2edb130f
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b8a1d49d298f6c37e0b62b5d2edb130f
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
3ELkNoDPDolhH7XH6E9WOFGFPfjt5UQrlQAbAzLvXhS9W9x1kj4CWw==

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b8a1d49d298f6c37e0b62b5d2edb130f
x-kong-upstream-latency
11
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 26F3
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-58.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:46 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
j8ZZigj64ODJ-owVP4wqrzTL1OvpKiR7IXmwYX6nXuMmZ-5AR0eqsw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Thu, 16 Nov 2023 11:09:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 26F3 		0
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=TKPWX3--Cj_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame 7C0F 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 11:09:42 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 9326 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcd7def1ceb013e45752ad9ccda3ef2e8dd5d41351d61a5d262fb431b9d9a677

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
1022322488938986752
csync.smilewanted.com/set_partner_userid_get/smart/ Frame C586
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1022322488938986752
0
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1022322488938986752
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f48845c8d0e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Thu, 16 Nov 2023 11:09:41 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1022322488938986752
500845215933131403
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame C2AD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/500845215933131403
0
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/500845215933131403
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f48834bd20e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
fd93c7ab-963e-4cd8-bb05-cd4b8d95a446
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 11:09:42 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/500845215933131403
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.197.248.23; 178.197.248.23; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1174 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
4342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 09:57:20 GMT
LP139Y10-G-4X8A
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 42F0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP139Y10-G-4X8A?gdpr=0
0
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP139Y10-G-4X8A?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f4883ac0b0e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP139Y10-G-4X8A?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4b510f0cc5fcbc9800016ef543086418
content-length
0
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=9598&tvi50=11075&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231115-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
72
date
Thu, 16 Nov 2023 11:09:42 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
69038
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230085-FRA
pragma
no-cache
server
nginx
x-timer
S1700132982.274472,VS0,VE72
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
4072496958553746652
tpc.googlesyndication.com/daca_images/simgad/ Frame 4FA7 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4072496958553746652
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
35c214f925928346f704baed1b7f12e1ba193d1e614e1b9dd36f5c8c5f4ff276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:19:50 GMT
x-content-type-options
nosniff
age
193792
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101964
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:49:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Nov 2024 05:19:50 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 4FA7 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 4FA7 		42 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CWI5pc_hVZZXROZCFiQbvk5GYCLj1mJ10qqzn-JAS29keEAEgn5f8YmD1hYCA1ASgAYihx44pyAEC4AIAqAMBmAQAqgTxA0_Ql7fI-EB5KH86qSK09he7sQ1AzJBY7vV8HqLN1w7O5cwpJqRxY7Qx0D6xL1IMjUUm4VwxvQexPOXknhe3_JVRooECOLY9yTyL37bB8G7jM8HBmfCLPKQMLxaSHfsmAKzMxmlORu1kwfCCoXLvx9hHOWnuf-7cJ0IHPOV-qqKDckAuWBoXEccJREh0IjDKjZfEgTxQj9StxQQm_RI4nfkiHcb6lu_cLL5_pAMu0miLETI0oSkMze9bt3oqVuep9NBSrs0BscLc6ze2NUba2Vspzds_3AbxYZNTzLteMt5FFns-aBSg2Zlu5BPr3SZTc2RSlhY50dJP-wWI6xSPFtS2mruIZ6VwiqhBKAuyHYr7LCd2AbPTeN-Qngkq9amelLeMg6FTswJI7Z62V3_pHtq6iBgqhcU1bt8wNdOucVsbSd-FIhEv3fxzP1E6suZvsbcPXO88C07zZE7a3DPOl6SLtEX1k4dURpqWFSlaVzAbMIkgzkafRoQBey76j4FeTT-enSq1aVFbdapp7ObJFIZQY36fBnA8fMguh3gporekAefdG3FlbYCEiVqjS74qL-VRbGxGfVskbqEz1gFspaWnvLmyS-S9WIFoPTrQXg_gw3hBRLtquho1pbjXbYFiT_tpA7fT_M_iSppu1LLk9BwbwAS8z5Dc1QTgBAGIBYGv5qBNoAYCgAeI2ZfuA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwiiy9vysMiCAxWQQsIKHe9JBIPYEwLQFQGYFgH4FgGAFwE&sigh=6JR0rJJvbng&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=videoplayfailed501
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0173 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166233
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 16 Nov 2023 11:09:42 GMT
expires
Sat, 18 Nov 2023 09:20:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FFCF 		1 KB
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
48769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Thu, 16 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3623 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94606ddffa35b68c215a48d35c6f855ad235934983d77062c6d2cdfc0592df12

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
sdk.streamrail.com/ Frame 5C4D 		18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sdk.streamrail.com/favicon.ico?r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D&rid=[COOKIE_ID]
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21faa9449ef1623392c20a946bd97779c2dc14b2cb986e2ed4a75be5f6ceadc1

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
600060
cache-control
max-age=604800
content-length
18237
content-type
image/x-icon
date
Thu, 09 Nov 2023 12:28:43 GMT
etag
"626d005588001b1ebb66fdabdd10ab2f"
last-modified
Mon, 20 Apr 2015 14:58:52 GMT
server
AmazonS3
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
x-amz-cf-id
L_2uAYOmXowLgIXBkQCQdv2ShT0TTguh0bPLz5L29DI5V1YmwWsHSw==
x-amz-cf-pop
FRA60-P5
x-cache
Hit from cloudfront
79fa1d23-cc90-49bd-ad79-8a4547142217&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 323A
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/79fa1d23-cc90-49bd-ad79-8a4547142217&partner_id=1010
0
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/79fa1d23-cc90-49bd-ad79-8a4547142217&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f48859db90e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Thu, 16 Nov 2023 11:09:42 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/79fa1d23-cc90-49bd-ad79-8a4547142217&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
khaos.json
token.rubiconproject.com/ Frame 6187 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
iframe
sync.teads.tv/ Frame EF49 		1 KB
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
73f430d20ee21e59fe0849395c4a36691c5cf737b5926f49af1c26b75d2f0103

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
564
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:42 GMT
expires
Thu, 16 Nov 2023 11:09:42 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
track
t.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1076044&sid=174681&env=js-web&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pageId=154680&pid=169092&hb_provider=prebid&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&pfid=68&f=1&slot=native&fv=1288&ts=1700132982546&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
performance-image-dco-81e6ea03-82fb-4931-8988-5cc9d350c476.jpg
s8t.teads.tv/creative-5fadf0b0-6420-11ee-b7d4-e3f027d50924/ Frame 6CB4 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-5fadf0b0-6420-11ee-b7d4-e3f027d50924/performance-image-dco-81e6ea03-82fb-4931-8988-5cc9d350c476.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ca9570223f515e4fe0512cf1a9114c204b8d555cc17704d1c6b5b22fb59dd102

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
x-amz-request-id
07MA88GV3ENJM4DQ
x-amz-server-side-encryption
AES256
content-length
177726
x-amz-id-2
yMBv4ocCTu8ROLLVW3oIZ1h6GjOmSeTM1UUnbGL227EdaixQVgHuvECUYF0EK9VbwwUoD1G99g8=
last-modified
Fri, 06 Oct 2023 08:15:20 GMT
server
AmazonS3
etag
"d7217dd54b7ae8800a05ba9e0e80ce89"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 15 Nov 2024 12:16:22 GMT
track
t2.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1076044&studio_cid=5fadf0b0-6420-11ee-b7d4-e3f027d50924&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980795&cid=1139714&pid=169092&erevenue=MpNE-zGfjAA3OihQr0EgAmJ4&erevenue_curr=CHF&fms=9&p=psPB9ybl5S0t4hQO9y_WjMeVnlkk4WxPLBGkgYhoI6m2PzaEXCh30RuN3_C59PvUJC_Rg-S0zee95e5UlMhORye1sxCK5lzsXELfmaGEWtF7uWjqm_DLEALz-ZbZyu6yyDtJsjw0ezNaK3rBNos14vDRHQkaG0YURpJNmiLIYTKv---UHQwuBfOz29iOB4Ho1G2_wMOYqZwC-uMh7uHIoj8OG9qU7U4m1xqa8cy9I0_c71Pld5VGVfOpfPk0rwgefaIRqNTURiwMHrqZrj8EoPdC_BRm-oUQPb5HPrZKKdW0jW8iJ_pPSwelOjEvN5Y5RMGG-oneHj0gjmw6Cgs6SlHTl26rY02ujhMcdEk2jkY_AA&cs=-585364465516799072605&slot=native&fv=1288&ts=1700132982569&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
B30596275.377000711;dc_pre=CITC_vOwyIIDFdmh_QcdkewPSQ;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700132980794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/ Frame AE17
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700132980794;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
  • https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CITC_vOwyIIDFdmh_QcdkewPSQ;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700132980794;dc_lat=;dc...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CITC_vOwyIIDFdmh_QcdkewPSQ;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700132980794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H3
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1138786.3391166TEADS_CHE_105603/B30596275.377000711;dc_pre=CITC_vOwyIIDFdmh_QcdkewPSQ;dc_trk_aid=567962966;dc_trk_cid=200017129;ord=1700132980794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6CB4 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ddf51c3f-d747-4f91-b259-06a127b1ffff
csync.smilewanted.com/set_partner_userid_get/openx/ Frame CD6D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/ddf51c3f-d747-4f91-b259-06a127b1ffff
0
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/ddf51c3f-d747-4f91-b259-06a127b1ffff
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f48871edf0e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Thu, 16 Nov 2023 11:09:42 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/ddf51c3f-d747-4f91-b259-06a127b1ffff
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame D011
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 16 Nov 2023 11:09:42 GMT
generic
match.adsrvr.org/track/cmf/ Frame D011 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1700132981546
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame D011
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700132981546
  • https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 11:09:43 GMT
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:42 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
894175
content-length
0
expires
Thu, 16 Nov 2023 00:00:00 GMT
um
sync.teads.tv/ Frame D011
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/e749febd-847a-46f3-ae87-f65a1c76e7b9?gdpr=0&_t=1700132981546
  • https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 11:09:43 GMT
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Thu, 16 Nov 2023 11:09:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
content-length
0
/
loadm.exelator.com/load/ Frame D011 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=e749febd-847a-46f3-ae87-f65a1c76e7b9_eu_ch&_t=1700132981546
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame D011 		62 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=e749febd-847a-46f3-ae87-f65a1c76e7b9_eu_ch&limit=1&_t=1700132981546
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 16 Nov 2023 11:09:43 GMT
content-length
62
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame D011
Redirect Chain
  • https://idsync.rlcdn.com/474599.gif?partner_uid=e749febd-847a-46f3-ae87-f65a1c76e7b9_ch&_t=1700132981546
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJ2U3NDlmZWJkLTg0N2EtNDZmMy1hZTg3LWY2NWExYzc2ZTdiOV9jaBAAGg0I9_DXqgYSBQjoBxAAQgBKAA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ08tgnOmRTApn5AARlw89I&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ08tgnOmRTApn5AARlw89I&google_cver=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJ08tgnOmRTApn5AARlw89I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame D011 		43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=e749febd-847a-46f3-ae87-f65a1c76e7b9_ch&_tid=e749febd-847a-46f3-ae87-f65a1c76e7b9&_t=1700132981546
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.198.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-198-173.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame D011 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=e749febd-847a-46f3-ae87-f65a1c76e7b9_ch&_t=1700132981546
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.15.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-15-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n014-dub-prod.krxd.net
date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1700132983
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame D011
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=170013298...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
52.31.127.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-127-110.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Nov 2023 11:09:43 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Thu, 16 Nov 2023 11:09:43 GMT
report
sync.teads.tv/um/ Frame D011
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 11:09:43 GMT
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ Frame 7550 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 16 Nov 2023 11:09:42 GMT
X-Sovrn-Pod
ad_ap6ams1
4296390461623842244
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3943
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4296390461623842244
0
540 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/4296390461623842244
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f4888d8140e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:43 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 16 Nov 2023 11:09:43 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/4296390461623842244
server
nginx
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 6994
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f4887ef620e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:43 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Thu, 16 Nov 2023 11:09:42 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 7BFE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE?pi=smilewanted&tc=1
0
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f4889284c0e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:43 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 16 Nov 2023 11:09:43 GMT Thu, 16 Nov 2023 11:09:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE?pi=smilewanted&tc=1
pragma
no-cache
usync.js
eus.rubiconproject.com/ Frame 7C0F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 15:20:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15051
Connection
keep-alive
Content-Length
13230
Expires
Thu, 16 Nov 2023 15:20:33 GMT
usersync
rtb.gumgum.com/ Frame 7230
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=4296390461623842244&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=4296390461623842244&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.132.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-132-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 16 Nov 2023 11:09:42 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 16 Nov 2023 11:09:42 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=4296390461623842244&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 56D2 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZDcyNjE1NS1kY2U0LTRkN2YtYjUwYS00OTZhNGQ4NDM4YmM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3C0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166233
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 16 Nov 2023 11:09:42 GMT
expires
Sat, 18 Nov 2023 09:20:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 434C 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:42 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 5960
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVX4b8Co5uYAALLE.8MAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVX4b8Co5uYAALLE.8MAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:43 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 16 Nov 2023 11:09:42 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVX4b8Co5uYAALLE.8MAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad40.dc4p.scaleout.jp
X-SO-IP
178.197.248.23
X-SO-Key
ZVX4b8Co5uYAALLE.8MAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"178.197.248.23","key":"ZVX4b8Co5uYAALLE.8MAAAAA","privacy_sensitive":false,"uid":"ZVX4b8Co5uYAALLE.8MAAAAA","upstream_id":"m-ad40"}
X-SO-LB-Hostname
a-tgng40015.dc2p.scaleout.jp
X-SO-UID
ZVX4b8Co5uYAALLE.8MAAAAA
X-SO-Upstream-ID
m-ad40
usersync
usersync.gumgum.com/ Frame 9FCD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:43 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 16 Nov 2023 11:09:43 GMT Thu, 16 Nov 2023 11:09:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=hd2Il582vi81Knjdu8cF6ZhHuvG8HUJOPMwRGcWCirE&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 1EE6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 11:09:42 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 16 Nov 2023 11:09:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 9326 		92 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3b1eff64e77bf4378206394ce0eaa5726402de0d0711131317f8a1054f460282

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
truncated
/ 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e322a310282fee935d81b3f9df332584ba783561d4247426d50f8d4adc553304

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame BEFB 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
116101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1CBF 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Nov 2023 11:12:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fiu%3D%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video%26description_url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%26tfcd%3D0%26npa%3D0%26sz%3D1x1%257C300x250%257C320x480%257C400x300%257C480x320%257C480x360%257C600x338%257C640x480%257C720x405%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D17001329726555f86c5eef3&customPlayback=f&customClick=f&lid=8&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=1421013251803073&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?aid=f&aidf=f&hsc=f&lid=182&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=1421013251803073&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700132969829&gcd=11l1l1l1l1&dma=0&cid=1685989450.1700132971&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700132977&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=%E9%BB%83%E5%AD%90%E4%BD%BC%E4%B8%8B%E6%A8%99%E9%81%AD%E5%8F%96%E6%B6%88%E8%A8%82%E5%96%AE%EF%BC%81%E8%A2%AB%E8%B3%A3%E5%AE%B6%E8%A6%81%E6%B1%82%E9%87%8D%E8%A8%82%E2%80%A6%E4%B8%80%E7%9C%8B%E5%83%B9%E9%8C%A2%E6%BC%B25%E5%80%8D%EF%BC%9A%E7%9C%9F%E7%9A%84%E6%9C%89%E9%BB%9E%E9%81%8E%E7%81%AB%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=8&tfd=16604
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 6187
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP139Y10-G-4X8A
  • https://ads.servenobid.com/sync?pid=323&uid=LP139Y10-G-4X8A
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LP139Y10-G-4X8A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
pixel
cm.g.doubleclick.net/ Frame EF49
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 16 Nov 2023 11:09:43 GMT
generic
match.adsrvr.org/track/cmf/ Frame EF49 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1700132982599
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame EF49
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700132982599
  • https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 11:09:43 GMT
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=271aa54b-560d-4d1f-a1ae-a3997c7daf96&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
801623
content-length
0
expires
Thu, 16 Nov 2023 00:00:00 GMT
um
sync.teads.tv/ Frame EF49
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/e749febd-847a-46f3-ae87-f65a1c76e7b9?gdpr=0&_t=1700132982599
  • https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 11:09:43 GMT
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Thu, 16 Nov 2023 11:09:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-ZfC2ErFE2oRp9TEzoNrAA6.54WD3DNRJjEs-~A
content-length
0
usersync
sync.springserve.com/ Frame EF49
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=170013298...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
52.31.127.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-127-110.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Nov 2023 11:09:43 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=e749febd-847a-46f3-ae87-f65a1c76e7b9
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Thu, 16 Nov 2023 11:09:43 GMT
report
sync.teads.tv/um/ Frame EF49
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZTc0OWZlYmQtODQ3YS00NmYzLWFlODctZjY1YTFjNzZlN2I5
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&viewerId=e749febd-847a-46f3-ae87-f65a1c76e7b9
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 16 Nov 2023 11:09:44 GMT
pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AE17 		42 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunt-tXrA-6SztyDYz_k6ZHArcad5MSoDYVbh75SmUlpBV9l-ag56Rb-yeuTXNAB9XP9gUpp7KiJb8Tl-au9uYeMZK1BWN7tJOcU722l1XlySQkLThty3DM86Bsl-beZ_nRPS0QHtUlLA&sig=Cg0ArKJSzESPI2buGUVGEAE&id=lidar2&mcvt=1515&p=60,236,150,964&mtos=1515,1515,1515,1515,1515&tos=1515,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700132977541&rpt=4213&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1EE6 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 15:20:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15050
Connection
keep-alive
Content-Length
13230
Expires
Thu, 16 Nov 2023 15:20:33 GMT
480_650.mp4
cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 16 Nov 2023 11:09:43 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
img
sync.mathtag.com/sync/ Frame 59D8 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:43 GMT
Expires
Thu, 16 Nov 2023 11:09:42 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x30 config_version:"1369"
Pug
simage2.pubmatic.com/AdServer/ Frame CBAE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 16 Nov 2023 11:09:44 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame CFD1 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GV9TVTMX956SF2F9K3TG
cs
cs-server-s2s.yellowblue.io/ Frame 1A6E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.198.128.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-128-71.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 16 Nov 2023 11:09:44 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

content-length
115
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 11:09:42 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame 3365
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=500845215933131403&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Thu, 16 Nov 2023 11:09:44 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
Pug
simage2.pubmatic.com/AdServer/ Frame DD4C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302015560856696985&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 16 Nov 2023 11:09:44 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame EC88
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQiACeXrTt5fB-PDdoV78g&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Thu, 16 Nov 2023 11:09:44 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
SPug
image4.pubmatic.com/AdServer/ Frame A655
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARj48NeqBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEKVunaqEcBHuu7EAJZDIJDeqAQhwdWJtYXRpY7IBJDlmZGEyY2NjLWM4MzAtNDQ2ZC05M2U1LWIyYjA0OTc2MTU2NA**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=a56e9daa-8470-11ee-bbb1-002590c82437&expires=90&ssp=pubmatic&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

age
0
content-length
0
date
Thu, 16 Nov 2023 11:09:44 GMT
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.87
strict-transport-security
max-age=31536000
Pug
image2.pubmatic.com/AdServer/ Frame CA45
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUebc8d0fe4a37436cb8740274a79f101d
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUebc8d0fe4a37436cb8740274a79f101d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 11:09:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUebc8d0fe4a37436cb8740274a79f101d
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 9081
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIWHhFN0txX0VBQUJUdjdzZllRUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAHXxE7Kq_EAABTv7sfYQQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1022322488938986752&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAHXxE7Kq_EAABTv7sfYQQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1022322488938986752%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1022322488938986752&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAHXxE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHXxE7Kq_EAABTv7sfYQQ&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHXxE7Kq_EAABTv7sfYQQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 16 Nov 2023 11:09:44 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHXxE7Kq_EAABTv7sfYQQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame 8B4E 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:44 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 2F78
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVX4dwAAD9xKHgBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230105-FRA
x-timer
S1700132984.127509,VS0,VE96

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 16 Nov 2023 11:09:44 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVX4dwAAD9xKHgBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230105-FRA
x-timer
S1700132984.909510,VS0,VE94
Pug
simage2.pubmatic.com/AdServer/ Frame 488D
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 16 Nov 2023 11:09:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame A360
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 16 Nov 2023 11:09:44 GMT
expires
-1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
cs
cs-server-s2s.yellowblue.io/ Frame 200F
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527489820076
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.198.128.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-128-71.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 16 Nov 2023 11:09:44 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

content-length
115
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 11:09:42 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0C12FB58-4C26-466B-B2C8-B7995E65D171
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame A32B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1928991434768822063
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 16 Nov 2023 11:09:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame E2A0 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame AF1C 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:44 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-980488e75cc4@version_1.576
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame 8E73 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame A8DA 		0
0
sync
ads.servenobid.com/ Frame 713F 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Nov 2023 11:09:43 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 598D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBL7WEwmRmuyyLeZXmXRcQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=166231
accept-ranges
bytes
content-length
5622
expires
Sat, 18 Nov 2023 09:20:15 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 598D 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.65.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-65-19.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.24
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 598D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=441213302
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=441213302
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
via
1.1 google
last-modified
Thu, 16 Nov 2023 11:09:44 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
via
1.1 google
last-modified
Thu, 16 Nov 2023 11:09:44 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=441213302
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 598D
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OTI3ckM3eXp5MEdRTC1XZVlPLVlnNHRZUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4296390461623842244&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 11:09:44 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 16 Nov 2023 11:09:44 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUZ9nAZfANXXa8siAXkIWk&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUZ9nAZfANXXa8siAXkIWk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIUZ9nAZfANXXa8siAXkIWk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 598D 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 15 Nov 2023 11:09:43 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
date
Thu, 16 Nov 2023 11:09:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 598D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
date
Thu, 16 Nov 2023 11:09:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0C12FB58-4C26-466B-B2C8-B7995E65D171
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 598D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0C12FB58-4C26-466B-B2C8-B7995E65D171?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.168.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-168-131.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame 598D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
125
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7b9a15fce07218b2&is_secure=true&networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHwf4wAoXdMQNqPB6nAAAAAAA&expiration=1700219384&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&...
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHwf4wAoXdMQNqPB6nAAAAAAA&expiration=1700219384&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHwf4wAoXdMQNqPB6nAAAAAAA&expiration=1700219384&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
SPug
image4.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8640911169531480051&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4296390461623842244
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uPV3jMVE2uU5DIEWDxclBf340m5x81U-~A&gdpr=0
date
Thu, 16 Nov 2023 11:09:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5a20b5b8-afad-4f61-9a02-e0ba66d3e4c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 16 Nov 2023 11:09:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 98DA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
4343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 09:57:20 GMT
track
t2.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1098415&studio_cid=e7ab6051-78c6-11ee-b1b1-1b6012379357&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980045&cid=1159743&pid=169092&p=6DH7Pnz9Qb4jPRI3MkMxD1f1j9nKb94Olec80VzzemsEDcvD71lXEC3juximi_deLiahQXS83sUkD0vZ71su3bAn0seh3TPJKa6M697g42h1S6qJvCrJlrg1FVKmpGCJPCiUQhferNKdn4P1agZSYVRNhN18s8S4VWoKQcdVtYMUFCB1xqfNpq0umtp-YN_rhOqKfvoQyez37dsn34lGbvC9PFOQA5XX6jh4uBgnQVYyKeZ5XlOURZs9st8J6rTa_ZKHJCA8i4uZ2fNXJ2cLOGnH1vyJ5o-AU9I5ylBt9cmvW6STb1TsaYRb2Yt8bO9zGX0qY9K0AiQC6OzMIrpGrixyk6KZENEENwDVm99Fx8PWkA&cs=574183354730495604505&slot=native&fv=1288&ts=1700132984015&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700132984020&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1573&pt=1637683408&tz=60&viewable=true&ddast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
content-encoding
gzip
server
nginx
machineid
1462
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FFCF
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGdCnR-BMfx5m8PtciMvEIA&google_cver=1&google_push=AXcoOmTrGzLaPxGG5RaUHRnEzwFYWAyyTjycjBynrGbLrS5NxB8Cz823ciyxmNVChzkVR4mfndDbF8F6irkAgh0EbucQaWlVBWTVEu...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92ECAA55306B4FD395D26EC89C178274&google_push=AXcoOmTrGzLaPxGG5RaUHRnEzwFYWAyyTjycjBynrGbLrS5NxB8Cz823ciyxmNVChzkVR4mfndDbF8F6irkAgh0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92ECAA55306B4FD395D26EC89C178274&google_push=AXcoOmTrGzLaPxGG5RaUHRnEzwFYWAyyTjycjBynrGbLrS5NxB8Cz823ciyxmNVChzkVR4mfndDbF8F6irkAgh0EbucQaWlVBWTVEu0ns2Wh5fNEFQqxUl6pjcCahuZqtuuvkGdRDYsXlBvIihiLGOWz2I4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Nov 2023 11:09:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92ECAA55306B4FD395D26EC89C178274&google_push=AXcoOmTrGzLaPxGG5RaUHRnEzwFYWAyyTjycjBynrGbLrS5NxB8Cz823ciyxmNVChzkVR4mfndDbF8F6irkAgh0EbucQaWlVBWTVEu0ns2Wh5fNEFQqxUl6pjcCahuZqtuuvkGdRDYsXlBvIihiLGOWz2I4
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 15 Nov 2023 11:09:44 GMT
pixel
cm.g.doubleclick.net/ Frame FFCF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEa_XsMy4T-c9xWeIQr2Tak&google_cver=1&google_push=AXcoOmQHK8hgMg-3yvYaOz17S4V-FnO7onB1QLLMT-t4GzJ3h9fEMtCseRjGf8XQ1KY5D1KUv0quyh8w45q8rYVpKS2MTX6c_...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853050275236&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853050275236&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853050275236&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame FFCF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHI2vOALFewp05vPahu_XDA&google_cver=1&google_push=AXcoOmThk6oKG6lDMywSjBF4-EE_-u0FbSVaEeEl6PHPsMFGXp5vtoOJvY9yc2KsA_FdqjR-TUyCSmIjIyZJltqnzI6d...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmThk6oKG6lDMywSjBF4-EE_-u0FbSVaEeEl6PHPsMFGXp5vtoOJvY9yc2KsA_FdqjR-TUyCSmIjIyZJltqnzI6diaEcnza40YQTM0IcSwUgsuwJdsWfFTFIEHtEv7K-AH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmThk6oKG6lDMywSjBF4-EE_-u0FbSVaEeEl6PHPsMFGXp5vtoOJvY9yc2KsA_FdqjR-TUyCSmIjIyZJltqnzI6diaEcnza40YQTM0IcSwUgsuwJdsWfFTFIEHtEv7K-AHjMmMoSGrZ0n5UZAuwYEqtu&google_hm=n9oszMgwRG2T5bKwSXYVZA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmThk6oKG6lDMywSjBF4-EE_-u0FbSVaEeEl6PHPsMFGXp5vtoOJvY9yc2KsA_FdqjR-TUyCSmIjIyZJltqnzI6diaEcnza40YQTM0IcSwUgsuwJdsWfFTFIEHtEv7K-AHjMmMoSGrZ0n5UZAuwYEqtu&google_hm=n9oszMgwRG2T5bKwSXYVZA==
date
Thu, 16 Nov 2023 11:09:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame FFCF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDmfZoBpz1KK_t9iNjGROE0&google_cver=1&google_push=AXcoOmRTzHT6O6iW-HpEil0PA-51OJKoV31aVkde0puR8-3s_FKIvDBRxm6qesUFWWRklv86ATzNKnp1CJ5LJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRTzHT6O6iW-HpEil0PA-51OJKoV31aVkde0puR8-3s_FKIvDBRxm6qesUFWWRklv86ATzNKnp1CJ5LJTDDDk7O60IA9RtUbaSPZnCo7mYkxnygctL8ZOsloT0plps...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRTzHT6O6iW-HpEil0PA-51OJKoV31aVkde0puR8-3s_FKIvDBRxm6qesUFWWRklv86ATzNKnp1CJ5LJTDDDk7O60IA9RtUbaSPZnCo7mYkxnygctL8ZOsloT0plpsZBFw2FOmoa9r20g1V__aU6kW0&google_hm=Q3NMY3BlRlp4dWtJeWVub3h0SVk=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:44 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRTzHT6O6iW-HpEil0PA-51OJKoV31aVkde0puR8-3s_FKIvDBRxm6qesUFWWRklv86ATzNKnp1CJ5LJTDDDk7O60IA9RtUbaSPZnCo7mYkxnygctL8ZOsloT0plpsZBFw2FOmoa9r20g1V__aU6kW0&google_hm=Q3NMY3BlRlp4dWtJeWVub3h0SVk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
292
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FFCF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEI9D12HpEMVfjSzppSzUcQk&google_cver=1&google_push=AXcoOmTwrhU72n2poBIx6Q7QbCg7-r7F0IDfaUN_-hs34J2K-VqajYN6msERK0avafQ8EhLZobGy1V...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTwrhU72n2poBIx6Q7QbCg7-r7F0IDfaUN_-hs34J2K-VqajYN6msERK0avafQ8EhLZobGy1VoarLzsoe_fTyHq8jLEiVyOefJgd70MGDuzvJgGM8u2O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTwrhU72n2poBIx6Q7QbCg7-r7F0IDfaUN_-hs34J2K-VqajYN6msERK0avafQ8EhLZobGy1VoarLzsoe_fTyHq8jLEiVyOefJgd70MGDuzvJgGM8u2OQOouPdiHo3yVqdnwFylYOuLY8BwxF3ChmGE&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTwrhU72n2poBIx6Q7QbCg7-r7F0IDfaUN_-hs34J2K-VqajYN6msERK0avafQ8EhLZobGy1VoarLzsoe_fTyHq8jLEiVyOefJgd70MGDuzvJgGM8u2OQOouPdiHo3yVqdnwFylYOuLY8BwxF3ChmGE&google_hm=MTAyMjMyMjQ4ODkzODk4Njc1Mg%3D%3D
date
Thu, 16 Nov 2023 11:09:43 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame FFCF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6RaUT43fsJKMbg172NvL44YxPv35RHIP7hc6ywXIREm5vDgsMkbWoK4U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700132976&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700132973992&bpp=941&bdt=1668&idt=2920&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&correlator=1789034463196&frm=23&ife=1&pv=2&ga_vid=1685989450.1700132971&ga_sid=1700132977&ga_hid=279756116&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1544&biw=1600&bih=1200&isw=336&ish=280&ifk=904434799&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078301%2C44807763%2C44808148%2C44808285%2C44809055%2C31079698&oid=2&pvsid=2215057882865319&tmod=1229521688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.139s2rqhl1tc&btvi=1&fsb=1&dtd=2965
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame BA36 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b0a81fc3c7876af5e63034ac6a72ed9a91285289306fc24bc82e434aa53cb1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12395
x-xss-protection
0
/
track.adform.net/csimpr/ Frame 9326 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=66923274&csi=PtSWpfyBsr5F4t89RAr5FVKv7vLLdH1parGKqewWTIkJDwKV3Zer3GBiPUZtY-tgKpvihGjAQYTRkB4oLu-B1gNtOX5gUufL_V6vjoqQRggDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
khaos.json
token.rubiconproject.com/ Frame 1EE6 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9326 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfIBZX2n-np0qW8nudLII0vHAy8MQuQpYZP_2FWrfqWM7HK1BWfz_cpRzMBbcVuap6N_Dkj1l4snr33kL2ECwougvuK8eQGA77dWj-ZSgPzedCS01u3jyNZ8NPbYTRwL59suEccm56I9Xx59JrpePGxs4EDUXK2De7W-Yd4fz4mTh7WLIYDsN0PnAh-mAJO6wv0cskx-PPpR-J8hImDLxu2s6XkHMh1Yp0diHiz0o3l7Z1PXRs0Y3kzhOz1tzJQCBf_V-IaG_gwEQ0mPCJP6T3bGgJE6ziIAehMwNIzpv36Q0uGmILSjpDTmpn7-QAjYj6sBACr-Da5krpsPMhs7Xkx7nC87HsBZU&sai=AMfl-YT83LxrnlPSeY1mnjhQmuWtAPFBoR4UlX9oh9FWRqUgLQsMBl_0CENpfasW0r-__Mw_s0sjrXDK5jBgaVStOeAbm0IYngHL0EII3qEKYxFg4AeuP00lzKsp9VlgkDw&sig=Cg0ArKJSzFx81yTD2QWFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 11:09:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BA36 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 11:09:44 GMT
13311274.js
s1.adform.net/Banners/Elements/Files/2135726/13311274/ Frame 90EE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2135726/13311274/13311274.js?ADFassetID=13311274&bv=257
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7b7767c6c728d8afb551f77b416ae0807a85211a38e207655628a8190f8c8d5e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:44 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 13:34:40 GMT
server
nginx
x-amz-request-id
tx00000021b966db9f3c7f6-00653198d8-3295f883-default
etag
W/"7b9180c32c1521edec764b86564a54ed"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
usersync
usersync.gumgum.com/ Frame 1EE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP139Y10-G-4X8A
  • https://usersync.gumgum.com/usersync?b=mag&i=LP139Y10-G-4X8A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LP139Y10-G-4X8A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 16 Nov 2023 11:09:44 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LP139Y10-G-4X8A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
track
t2.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1076044&studio_cid=5fadf0b0-6420-11ee-b7d4-e3f027d50924&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980794&cid=1139714&pid=169092&p=00fV9_2JhShc0xAb7qfYI_K2oGY1qyF6stMH-5ZNyEb9oNLNwiyuQUxPMLwZ4lt47Ii_svUAyLDGBffVo0ZmfHBFCOdXt9RT7bRn7KFcVwfbbaaesJRtI31s1B2Fh5MxtYeiWacT16mERNaTVGO3vTSME_sZlOI6E8IyWlSOPMpM76Zd3y0ogWRQLP5fZ0Mqxulsj883Ld0hbdfuwWJlkJ-99cCkPB8kJ4Ty5ZKCDWSZabyE-Ox2p6kgAyx9RJ3tt99O3h4lf_gZ51GiACW0Y3HhyXJAXdG2gb6QvTOXIawTHgItq1YTsUueFZ0swghXtxUQ1iUngu8ddyjdUXjpq79U_N2u_6GbDsC2dzej40AJyA&cs=663364325678062337905&slot=native&fv=1288&ts=1700132984744&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/live/ Frame BEFB 		34 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2350787747006708&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2Fc8x7ovkNzHlnQ1u2rFs72g%3A1700136572%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=14347272-17C5-4343-A6A7-D6595BED2F20&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html&dt=1700132984828&cookie=ID%3Db41398bdaa9909b2%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w&gpic=UID%3D00000cc9e0085334%3AT%3D1700132970%3ART%3D1700132970%3AS%3DALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg&scor=2866105234527462&ged=ve4_td15_tt7_pd15_la15000_er741.400.742.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
ed6170507dca7ce7eea9bf30296fd64c77618ef6e3dec59bd810437caff9362c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5089
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 90EE
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000954a8d644de9b13a-0063766111-32940f80-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Thu, 16 Nov 2023 11:09:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1BB0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
83
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:08:22 GMT
expires
Fri, 15 Nov 2024 11:08:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 36F2 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
385bfa33cb2a15bfffb758f64c71fb1d335bbbd8f2f79191b113c0a4709734d7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BoC_hY3QIRZdC4wMA0gWew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BoC_hY3QIRZdC4wMA0gWew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 11:09:45 GMT
expires
Thu, 16 Nov 2023 11:09:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 340F 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3I-nbPhVZd_fEOO99u8PrKat0AUAAAAAOAHgBAI&bg=!5Oel56jNAAZxrfrxUa07ADQBe5WfOJxbZ8UfhWGbbOOKM1WugKABI8VFEpRaoBmWHociMhr8UfmXWXZlbNsgOK6EV-guAgAAF3ZSAAAAB2gBB5kDTWpBke7AkPHa-CcX-DplvPNQWpoZNjBcEblEghrJAB5wA2ZMqwsB4jEOOXBkKqRLzogT0pACR-hv1FpMNzEgu5T3UkSOGSotqnJHo8cDiQT3w49WBYB90Jf0Sd_vwyxe_s9bJoAz-mYpNEgHOTfyUZf3Gc3zYMIKAAIiyaroqaLI9CT5lv3kP4KjjSArQqbbq4ffc5urXuxqKDjalI-YpXp9xTuB-XzewZrnhUh6A9ZuXkEQxAeWX-IWlzb8KMRQk2aEG_CXuoKt7bWPnkXvlJ4Jw5WGbYNVwiRNHbh7H_SEFhhfE1W_aUB7Lw6Z9BTRsMO153Dxlj2XMujdPCPScBY76yn7UV3q5SM8E_DogljnVP9u4s03lOG2PIqU5iz_PM3cKqNCpsrkI5LlRtczrULUXiX_M5IPyif3t2ofy-JmrlLC9JyuwSEjAb3G5PavyajFgQooUryW0VF5CePiP3lk2ZfeIeGBHRikOchLsZtXYql2_pwxgQNPfg8utja6LokdxC1UjqGa9gugncxH0FKCaWEIQLY1SsNsvNPLNHtrAvH3zbtm36uLrWWzbAa1VfwGmBNgel2Mc5OV1kKYhYlcEhmN_nimsF3ZT753yN6dt_WDYw87vM7jtgueFWChhXf3B28ziYqQWdgSkpb8OxPMJFdYO7OBitpBxrd7lwg7GTnB-25VO0mzoa0K5D9Q4K7WXzsBjGXkVbFLWLIn2pMdH7I-TRmHLvZYWt4n1t_4-zDZHVxN1yd8XVT9zkoOW5QtZ9sdwUJMmPXB1UcnYnElK1BRdNpqSwcrTJqX7Y5SztCI343dB8pJ783Ja-9xKsSp10iEG8FhkH88C9_G6g7M1Rb8z-6tJI22LzL2GGnZQjmeKUf2bag6yux_ojsZoPrxcj3nEH69TOvKIObBCf9VbvfF-w8IvO5ABmgac_-iC72f97z4A4TlEQlEryzvByIt3rkauXbv61uIPK6bh1yX_ohhqMiyNnT1Q5BIiXGx1yGQtTllVLzEwkPdYOR7Pe_Ucj9bjYYZdSQWVC1B5164xCN_rS6hTlisxdqN9JHXqvthr2abdxEGH0ScAQyAeVdVh1_DX047bScrA2dINuS_oKyoyc1qb5yyVR2T
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3623 		0
68 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7797412441361&version=m202309260101&ct=77&x=1&cor=5713786660072100000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 36F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2215057882865319&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3489 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wfhElQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1BB0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
4345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 09:57:20 GMT
track
t2.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1098415&studio_cid=e7ab6051-78c6-11ee-b1b1-1b6012379357&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980046&cid=1159743&pid=169092&p=sUGHefbBhSx1JHh3RS_1sXo-DuSmlfI6z4LltCJbFtuF2PpooeRBYvboCamgdrp6uxE6Wxk5BQXaBb_ZpAH7V-ct-3kaP6sLf3Dm8NZp9Z37MqzD-sTer27OYkgY_xlN1cqo0s-RX2rRdzDzruh9fOdDI_qSpowBS844FTlKU5m_Y5yf8ApxjsE1e_PH45r8S7QazXVYPoQeT4OE0JZCSWOqVXOxxQ7jdyLRT94a6CGpDzT_1dbT6tVEotOEHCTowPJBCbNngK4m1NqJOwiRrrSueitsUh0YX34K8taORgedBbMp8oW9V7rfc6v0PddVqsQDLShZiin3riwcAD2mKagQkc7OftDbhYv27Jvhmeab1Q&cs=-555578259141059379005&slot=native&fv=1288&ts=1700132985259&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
64d4e74a0a0c263920348a03
c.bannerflow.net/a/ Frame 90EE 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/64d4e74a0a0c263920348a03?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fwww.bg3.co%2f
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01802f71fe0c1e7c305af2ac870ab5cafced12077f6f2b4c33cdf2eb133a26e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Nov 2023 11:09:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
826f48991e2af18f-CDG
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
csi
csi.gstatic.com/ Frame BEFB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp13a65w&c=1789034463196&slotId=894517231598&eee=missing-element&bi=missing-id&vast_v=4.0&nlc=1&nlrh=0&nlri=0&nlrs=1&nlru=0&nlrhc=false&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?vd=diff&oc=f&nc=f&oi=f&ni=f&custVid=464269934&lid=93&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=1421013251803073&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fiu%3D%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video%26description_url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html%26tfcd%3D0%26npa%3D0%26sz%3D1x1%257C300x250%257C320x480%257C400x300%257C480x320%257C480x360%257C600x338%257C640x480%257C720x405%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D17001329726555f86c5eef3&customPlayback=f&lid=31&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=1421013251803073&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BEFB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp13a772&c=1789034463196&slotId=894517231598&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4072496958553746652
tpc.googlesyndication.com/daca_images/simgad/ Frame BEFB 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4072496958553746652
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
35c214f925928346f704baed1b7f12e1ba193d1e614e1b9dd36f5c8c5f4ff276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:19:50 GMT
x-content-type-options
nosniff
age
193795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101964
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:49:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Nov 2024 05:19:50 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame BEFB 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C7b-0ePhVZe-ON_aw2fcPue2jsAa49ZiddLKX5_iQEtvZHhABIIDP1Hxg9YWAgNQEoAGIoceOKcgBAuACAKgDAZgEAKoE7wNP0IuqmD4mVTSrC7oSj_Or39bPLHmg-2Uv4YvMx4_w1nAr6EIc5wQEFhVyuAXf536pyddZAAMejyPOvHEFbCrj8MeezENOV1ndVIMrX_rs0D2s16yg2Fs8rDqs1nZ0rvHhv7E9eVbWoPts1L4MZkOCXv-SVnYOSM-xXCN3Iymc_QkARIXifAqig0DF1vvw4TjhTqpRBbD6Ue_jelkCuFO1fQCzrUnI9D-G30wo0gWv3XA4CGb9V0WErzGlLaHA5p5E_AYVbo1yBLA5RazfN8FcJT-_53CciFkOeNY3Gs59AkBVbl5px74-rqH1hYV-HyGoJbGAIT63lNcYSxQUuz4bWyhW41qRYPOADAe8D65lYUnyPqigBWBDRqMIrtF9W6NyqP8gmH3mKyqVgO-qIaa47yJ7UxRYAKxzXrbY2ALxZ0NH70Fzz6EpsussFejZzLIiw0jCF9d8oDE8IqKcCcXcrDhQg_niUhhr-mhbdu-g_DmRqvd6M7PQB2NH5Uj_k1zrtbAhtGbl37gTp_LAnfiMDH0a3ZRtvmaiDhu0QgrKQ7vstjOZqYP0DSroxmBDtMQ26s2cyJ8T1zdCbnweD281y2ELnMpAGwoIphYZXRhJFkKyc0iktO-I4s4xN3aUt-47SJ6ijEG5E96aYUMo5WzABPTNkNzVBOAEAYgFga_moE2gBgKAB4jZl-4DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAdIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CQ0jiDRMI5LKK9bDIggMVdlj2CB259ghm2BMC0BUBmBYB-BYBgBcB&sigh=HneXXQ-ydl0&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=videoplayfailed501
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?error=501&vis=1&lid=7&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806074&id=ima_html5&c=1421013251803073&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9326 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyv3FfmbvHAJL29GiVxauXJa6ggRqySQxWngdmKrALtGOa9rtz-AgC69R6FxYKxhaCpGXP31-P4EvoV_qFx0CBypMFNDUjCxT6U76NuxGry_ltMN_MUh3lIJACvtTgS-cqAGn3s3g2Nw&sig=Cg0ArKJSzPAiJg6cZ6GYEAE&id=lidar2&mcvt=1190&p=1110,436,1204,1164&mtos=0,1190,1190,1190,1190&tos=0,1190,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700132978295&rpt=6075&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t2.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1076044&studio_cid=5fadf0b0-6420-11ee-b7d4-e3f027d50924&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980794&cid=1139714&pid=169092&p=BbnV-J-Re_kdv7ca_ctRmnUQ0TAD55ck1McR059ubiUw3ueAJmoQ9abI43myIhKbwPzV0I1P5UOtaPc485kKXUP29G-PUrPlA8Vifu8Me2tpGpodknjRoe0czFTyKCfbKNBwBHjMLGGktN_0BfPgUUs7GYflBZnzLsTRdg23hB9sFsVnmPf3e5TnRrIjo0bbSHupIwSrI4kszu8KltkpPGf0GoUjYKOUGTpa29aNh9FK67DiZsqY0DCMFqO9clLZmBNB0Da3PAxldr1BjSFkdyICcwbEvE-wT3Plfs9OWVA5NGtTdB5iW5Po2T2IkT2l2bDUbWbuYBMZYzTwC7XOkXY0WcwZzfMpwoFUDu0DfWenfw&cs=342820123357744802605&slot=native&fv=1288&ts=1700132985681&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 598D 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 598D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26209488&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c08e9772f1fc4ed539963a9d96b5aeb963486c72535257c5035646d461663a20

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
preload.jpg
c.bannerflow.net/accounts/soft2bet/64ccfefffe324ed6db6bacf4/published/5472389/7941679/ Frame 90EE 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/soft2bet/64ccfefffe324ed6db6bacf4/published/5472389/7941679/preload.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36610e3224302f10fd81f87ccd01b088b2e3368dff6f838763264ff80ffe9973

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Nov 2023 11:09:46 GMT
cf-cache-status
HIT
content-md5
fC0R8M14LZM/v9GantsKaA==
age
262910
content-length
17042
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Mon, 13 Nov 2023 10:07:48 GMT
server
cloudflare
etag
"0x8DBE430638C46A1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
eb0ec5fb-701e-001a-7319-16b40c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
826f489a892ef18f-CDG
match
c1.adform.net/serving/cookie/ Frame 44E7 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:46 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
img
sync.mathtag.com/sync/ Frame AC8A 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x14 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:46 GMT
Expires
Thu, 16 Nov 2023 11:09:45 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x14 config_version:"1369"
ImgSync
image8.pubmatic.com/AdServer/ Frame F9A9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
dcm
aax-eu.amazon-adsystem.com/s/ Frame F108 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0C12FB58-4C26-466B-B2C8-B7995E65D171&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RTK0XE32GACM72QSS12Y
ImgSync
image8.pubmatic.com/AdServer/ Frame F73B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:45 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame ECF0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=500845215933131403&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 0091
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302015560856696985&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 773D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jQiACeXrTt5fB-PDdoV78g&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 9762
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_d337bda2-51e8-4b4e-a65f-fdf5eb876af4&bsw_param=9fda2ccc-c830-446d-93e5-b2b049761564&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9fda2ccc-c830-446d-93e5-b2b049761564&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame EBE0
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUebc8d0fe4a37436cb8740274a79f101d
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:45 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 8270
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHXxE7Kq_EAABTv7sfYQQ&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:45 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
bridge
cm.adgrx.com/ Frame 15CF 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:46 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-10
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame D6B3 		85 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 16 Nov 2023 11:09:46 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230105-FRA
x-timer
S1700132986.154841,VS0,VE99
Pug
simage2.pubmatic.com/AdServer/ Frame 6B94
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 11:09:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 16 Nov 2023 11:09:46 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame 5A6B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:46 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame D84B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527489820076
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:43 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 6030
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1928991434768822063
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:45 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 2D10 		43 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame C4C0 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:46 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-8154e63fa590@version_1.576
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame 201C 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 48F5 		0
0
i.match
s.tribalfusion.com/z/ Frame 1865
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
826f489ffaa1f120-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
826f489e7883f120-CDG
content-type
text/html
date
Thu, 16 Nov 2023 11:09:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
341
Pug
image2.pubmatic.com/AdServer/ Frame 5BC0
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d99fceed2ef8ed218612ab095010e81&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PzngURhjbYhQQQVbbS&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PzngURhjbYhQQQVbbS&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 16 Nov 2023 11:09:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PzngURhjbYhQQQVbbS&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 693B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 16 Nov 2023 11:09:46 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
ImgSync
image8.pubmatic.com/AdServer/ Frame B9D4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:92ECAA55306B4FD395D26EC89C178274&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 16 Nov 2023 11:09:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 16 Nov 2023 11:09:44 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
ads.servenobid.com/ Frame 8971 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 16 Nov 2023 11:09:46 GMT
mw
mwzeom.zeotap.com/ Frame 598D 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
826f489e5ea9bac9-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 598D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0C12FB58-4C26-466B-B2C8-B7995E65D171&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C12FB58-4C26-466B-B2C8-B7995E65D171&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C12FB58-4C26-466B-B2C8-B7995E65D171&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:50 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:50 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0C12FB58-4C26-466B-B2C8-B7995E65D171&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 598D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=5892852ade643e32/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d99fceed2ef8ed218612ab095010e81&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=ea69bc13bddd5118
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e635e9c-ddae-423d-4113-094b60993d05&reqId=4adea766-e889-4f69-402f-9bf774a50935&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHYSwSwIhgJNOnT-JVcnLYo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e635e9c-ddae-423d-4113-094b60993d05&reqId=4adea766-e889-4f69-402f-9bf...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHYSwSwIhgJNOnT-JVcnLYo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e635e9c-ddae-423d-4113-094b60993d05&reqId=4adea766-e889-4f69-402f-9bf774a50935&zcluid=ea69bc13bddd5118&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
826f48a18b24bac9-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHYSwSwIhgJNOnT-JVcnLYo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=5e635e9c-ddae-423d-4113-094b60993d05&reqId=4adea766-e889-4f69-402f-9bf774a50935&zcluid=ea69bc13bddd5118&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0C12FB58-4C26-466B-B2C8-B7995E65D171
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 598D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0C12FB58-4C26-466B-B2C8-B7995E65D171?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.168.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-168-131.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=642d2224ec5716e6&is_secure=true&networkId=17100&version=1&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIxg0zRQuDdwNEMUo6AAAAAAA&expiration=1700219386&nuid=0C12FB58-4C26-466B-B2C8-B7995E65D171&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8640911169531480051&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:5a20b5b8-afad-4f61-9a02-e0ba66d3e4c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:45 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Thu, 16 Nov 2023 11:09:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn
ads.playground.xyz/usersync/ Frame 598D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:46 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
8d48c073-a610-497b-8513-94c7c7ceace9
/
c.bannerflow.net/tr/v2/pixel/ Frame 90EE 		0
81 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64d4e74a0a0c263920348a03?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fwww.bg3.co%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Nov 2023 11:09:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
826f489bfafcf18f-CDG
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
track
t2.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1098415&studio_cid=e7ab6051-78c6-11ee-b1b1-1b6012379357&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980046&cid=1159743&pid=169092&p=-eA0R3NsjI5sut1QWNvFhvVy9AWjeICBIiFo7WNMOWOeMcuW8lCRbyhyru3AHzAHS5f5Tu06k52zYBaAlQvexqqQun-D6tRYq7oq3QQHOEx6R2BrG3a2Q9Z2_B73o_iv4L6AUdSEGPbq-9sOvsnkzuh9kxkKZbq19HYDx6rU9eC7S-f-9FmwRhuIcFfG7OyCBczpcsd0NiYST6FdlQVQkofKzVjvehlrICzeTOgIBTpMW99ny3QnsgdeblDlpLiBEYuTjab0nCrwqSmSoPZbA-ID6ZHkUQDmurPQ-EScAn95L6N0z3tTQVCzCgNoKvnuaHJHSiMaqmCYSwTPCFUvs8dh82VmZefokx4-4tm1L0vKwA&cs=-544589761177837901105&slot=native&fv=1288&ts=1700132986352&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame AA6E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2881380289823243&bg=!d3SldDvNAAZxrfrxUa07ADQBe5WfODJlzZ1DH82lMLbWT-UTVeEX1QZdaLQGYgCL0VaNVxmOyQFH55LpHktmN7t0PVrHAgAAB8pSAAAACWgBB5kCxWv5WVHAszkfaIF3ebMwhSAo5z_1PF0iSUavWCFjg3PGthrhgFCuzi-_R3XrsB38OSsj2ezKN4M_rer6JObN1A7kUZy4Lq-2AT9ISlgAhuHb-uSZjc4VzqKmK0NiAL4XH28YjfO7VgOhbzWSDz3yV36rphJelZtozzdJCSeYr_ceLB9kLVlEf6w8qE1jmU0aOmQsONdUFuGszHd5CPHFN2zFOLBGRa-7CIklszC5BU3JZ2kh1wQxvuMYrSnfSx_RtVzSD_lCKvzm0zBfWMkry8HxnOkjsOYbtaTG3dqpxjECRCqvRhEW_FsIsGwbHwltgj2u57HAh-Y2a4gbzA3kuCt41bgQ_CX1avx28--mX5fDBdvX980m5eao6N-5UNZGEgvutEvoZx4Ha8Vhi4Ix7o65wtChH80pL92AJxUPx40odgebmFhoj9Bzl9BBfJl1zZvcNLgSydI9pgBw4c0pYXiu8R4C3xDvjZiviDLsrjOcgvcentDva9d7T7Cyy_YvWa2BR24bxcA3CtHRa_eOIGEudcJMqUr0O1xu0koRw0F9GVIR8lfKhdHwUaU_63BWoy3x9_Fik-notOViuI4MmEJVjIpTiPTyQgTyDTKPM5TiZVQmkcUbZugMweD2czo_4kr4AMcJOTCzd2ts_1zkG2matUbdh4EIMK-ibp7uZ3l93SMG6V6_CGhvc2k5wEn9zPl6FSZfNfJ_TLJDLwGn8VWZN5O6EvE738mPsliZBaNfqxq1Fur0nGyPciwuI3zfhpukm6WrcYP1dpTrUxL5Ee22AG9oPNTlDgrkDK1250acb4JfdZ8pt8HwqnvkLRAipNSXULCn4lBXB951cqP9s57Ls4SCxhyXE-9jpLtgqACq3s956O4yz5h6j0Ymhge4FfO4D1RjnifJd6jkb6VpQl0Ce2BxK5RYE3CAUAUQ88-lNNGtw1A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98DA 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1F0jc_hVZdXFCIeq3wPjzoK4CQAAAAA4AeAEAg&bg=!6Oul66TNAAZxrfrxUa07ADQBe5WfOK_sNseJ9nAgY60qHGY1ziqljqjoLj51AG4lj9_VmWrFeAqBI6xCO6Hx14_pPhUWAgAABjBSAAAAfmgBB5kDAkOYjzA582vqTk-6_oZm9Tljv-YKa6ZSWwBGwaYnaOuQymOGG9DGFegihJKCIqxuSmjao2TsCCgQUbNJwRWfgHgKecpRxDFybxuWk5DDG0wLusEAtQbiVYd1aNT2KBAh-OeCeOl0hc5BkeyCwcQndcQEpJTGW5Mi8QLKG4MLAffBaC6RB7M32KS2Bt5_Nk-FFwwoSBox_FH2QmHf-HUwdLLNOM2ew6Xk0Z6iteMnt2x8zW9XDSDv_6C-mVFCCbC9ZUIL_IzRuARjYYPBPCtSmj2LmKU18TQ5dYljqVbWZLhJ3rxE_5-DmfZyJ5NLigLx8kfv0jTUZiQhWAzWuxjRkoKrXM9IQNIvH8ADq3J-cNZ5OJlXPG8a-tsqbytH5uEwiRQk847k_ZSEF2ltEggfXJjT6hRAfR2GzgTvmiUbYFkWXzHiE4gRJSy2Y8Jz1xmsZYnTEVHc8-MWuR0GtT7nqRoF7CynaIK_I2WQww3EtnmQjC8BPV-FUvWZBJNmyilQQIBNlhRt0ajh-PShNQFI-5GXO3VXdgQ5vKtUMOdfV-jTrdborlM4jGgY3sGrFTifu5_zalm0QjHpIskc7V8RwgfLq-SfOrSJQg9FKO3nUj2kVy5RD8kXpKusuJqdJAzF9UbapHzU3xVBS_DUNjUnS-qmmfjuyNP2D02KDlkCgTnCxic-5d9yqeLC4dsKiT0XYlPCgez4i1I51kIE0vdr8LbjaitrkOmrvuL5HVlrml8U-4tpSjv3PFdR-AfxYH_M6D4EydBZj_5eztvqr_8nt9Ah4yPywGwG15UQrK-Hm8Wx_nWelFWrPWe6wLreE36p8b8y3W4YUNkKf7Leq7176fEERhdZB8lpO50SQZVvKPbwaL9t_BcjXqQJi8Snf3tyL8ysrD94sEn2dP1AUdeZA3nbFgtYbvM5pbRTxMdyzH-GSgygwEoFLY7_4Bd_Vm4SnPS7Lub51vc6tKZ58tkXVJ6zFWB1mKA42NHsibg3Srlwi4744RweMRVd4dF0uhWMFQEB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0173 		139 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9121482&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7e1ae5367ac5f55e7abb5a8d84d12605c22f5312223ed690f151c5277ae2e507

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 16 Nov 2023 11:09:45 GMT
content-length
139
content-type
text/html; charset=UTF-8
track
t2.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1076044&studio_cid=5fadf0b0-6420-11ee-b7d4-e3f027d50924&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980794&cid=1139714&pid=169092&p=2rxx8s9HZ0893-hkR5IqE6lPQJHElRrrRH7RveJUeuZPdnSSGsSHbxH7nukE_IH8Dmle0fVQfn6uMXeNasvH7gA_m5r-P9o1Nqic3QoGWszHtOZD1pOCv3kHrWXZBE6SwBJRCbwoVaCyrsbSSwuij23XnuisdmEXJYV9HuzJlySS_p4cY9osgHOdy1BQurFhsHCNwUazVEtuLV9-tW-W-7ZJJrY6eTgAkujXPKMFLhYpkT2Vc7mPi4bJe31x0rdANZYs17cijTDC4SH8k36tmA9abB8I0Z2XSdBvR6d-qCNt9BKeLsTpxay91jZqsd-9oewb0sImSBzH9d7M-gyaSz7HUp-wMIjwnUenLllcMWlyRw&cs=823861610776871018705&slot=native&fv=1288&ts=1700132986677&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame BE02
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=452515956
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=452515956
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 16 Nov 2023 11:09:46 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 16 Nov 2023 11:09:46 GMT
etag
RX1e642822578c4c319f7ec461572976c2003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=452515956
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
0C12FB58-4C26-466B-B2C8-B7995E65D171
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 19D2 		0
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f489f8b220e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:46 GMT
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame D3C0 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=76323496&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 16 Nov 2023 11:09:46 GMT
content-length
47
content-type
text/html; charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 1BB0 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KtNS9g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F47D 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:47 GMT
Expires
0
Pragma
no-cache
0C12FB58-4C26-466B-B2C8-B7995E65D171
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 673A 		0
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
826f48a1dcf10e1a-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 11:09:47 GMT
server
cloudflare
vary
Accept-Encoding
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700132987209&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1573&pt=1637683408&tz=60&viewable=true&ddast=V8uHkCLAbkc88eGz07IxPI5549Nnp2Ri4AAABgYID-AImtPDaTazlYyxymjVu0MhnXwt3MtFatJr7JarUaLmwLIyCxlcdmci0Ha5nDtHGLVibjWribmdaq1cQ3Wa1Ww4VtYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBmGg6HT7XvV73-90lPs9c4_cr_ELXw-5zS59uqdPhdwufDrfE6fC7pQ-_W_F6C58Ov1vktPvcIofdLXE53WqH0y11OtzKh9-teLre0qPf7nOLnHafW_l0ax12t9TpciueDrtbenTYfW7VxOV0S48uu1vkciv_rrfI6bC7da6_W-j624Wmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkPA20-Vp97ns_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHkC2spwusCtVZIgWwRRgBAAAAkC3GvzgySSeoWFT5___vtwJwBQAgYPFaGkw8i-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHp64tIA9cORqvkFBABY8wsIAMBG3RTMvRmAE3QIWjEYrE5AzA4AAADAnf___389IOPczQwL12hhcjgHG5tvNFptRhbPxGPYmHyrzXJ7NrRYxyAB6ND7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQwZDNY9yshiO3yLWbuEWTxcSt3M0sbo1ps1iNNjaXb-Jai14f08c0841cDi8SDPDci-RpkU4UG8NwtxoMJhaTZeSbbHazkWVk2ngGC5tvNhhOJmKJ5mSRTmSXfce5mxkWrtHC5HAONjbfaLTajCyeicewMflWm-W-ZPMYN6vhyC1y7SZu0WQxcSt3M4tbY9osVqONzeWbuNai18f0Mc18I5fD39gNBovNZLkb7Bu7wWCxmSx3g32HzvBdfc5GZVkl-ei0ffNiW645DQqXweJ9qU_nYcFYkE47R6fM4XgWdUa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF7oedp9b-nRLnQ6_W_h0uCVOh98tffjditdb-HT43SKn3ecWOexuicvpVjucbqnT4VY-_G7F0_WWHv12n1vktPvcyqdb67C7pU6XW_F02N3So8Puc6smLqdbenTZ3SKXW_l3vUVOh92tc_3dQtffLjS9zRaxRHC6SCeil_F0Uf-RQ-yGc8VyN5eMhnPJZpUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CwaO4_____3EAAABk5NADAACg3weEFbBe6IErxa8gFoPdav8AVIi1Wq1uN9ZqtQIWyHIx2E3g____Pw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!tbt_player!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:47 GMT
content-encoding
gzip
server
nginx
machineid
1476
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t2.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1098415&studio_cid=e7ab6051-78c6-11ee-b1b1-1b6012379357&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980046&cid=1159743&pid=169092&p=Mhvjx2lWoOg_EyIK1dSqbbSbLOi-2tVOjG8tQTuUdCsf2KHooOAs9A4oKV-hdCdYLzWc2S_p14iEnLlMuATv3M7Tj_LPMUNtoV932v6my4aCw4Xj9lR2xkitADfGSeQijzW6aOAazyCXUEbxdESq-9jA2r_PW1OTJwRSOL2mlebpc5LxQNZGaapS-X3iut4zOvA5sDg9haipEbyO8AymXgBwbsHkwz9iHKBP5U-vqUpa56y3o-J2HFCflwBlBCs3wyoW7yIIIgwzV1SZ4m-HAKU7--HlF22HXZfHzsJlWeABLwQouMZKrPTIk_Yxu7e3pi6Y-HPMFYe4XDQSXbaARSz-ZhvndqOqLo7JRenclkZ3mA&cs=374593180329108726705&slot=native&fv=1288&ts=1700132987224&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
usersync
usersync.gumgum.com/ Frame 8177 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=0C12FB58-4C26-466B-B2C8-B7995E65D171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 16 Nov 2023 11:09:47 GMT
Expires
0
Pragma
no-cache
/
track.adform.net/Serving/Event/ Frame 9326 		35 B
580 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=66923274&event=178&time=7&baid=60079248&name=Viewable%20impressions&imprid=2425902807998492092&icid=4296390461623842244&eData=PtSWpfyBsr6L9LFvixRg5qlE__Wz8u8NYaJU2uM20NmQapCGXDHEoxe6xy4wJmlgoEeXARPWXTrR_EOTYwamxz_9AhD27WD50&rtbdata=hAxtzyjYKd_C6hKhR1NLv-E0nr5e6MRHl6NisnqPJ5KebmIOlerPH7ZHmuUYXv7bf-pnVStFmnN0Zxk_viZ5aLOPs15HlbU0fir2436mV1bPZuuJDArjiM9NmQqbe6gZyqLfjJG1F8LbhvCEIMVFhZlkfych4hZI9VbzYw3tmzrSyapRn6d62CK-FrR29mhIoxzemDu0Q3fJ4n9O5t0IdCl9OhsYcUR17FO1hAlZdsvA41ylanR56WScaBh6rtCDv5FTk8G4x54sbOKfgecpXeEYjG_N21jOnGUIBPPUN2mPOFniYvy3OroeDehiJxP16R7UzS-NJGniH-f8xpRkzahY_zJp1rn7GO2DzdV9Q5NU-rh9SZR-zGjaWJPaE6InEiIfYSqsStTAvO8molaN6d96MaC3lux9nkibjpk2krfkhszg31y2U9XGBrJrSoRDf5Q_yH46D8DXVeRygR7ZPeyk21BazGM4iqYzEXZ90qPDeIjrSAcYFw2&rtbwp=BCEE3F9130A56961&rnd=870922282
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 9326 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4296390461623842244@@66923274,2425902807998492092,100|1172|0|0|0|0|0|0|0||40|0|||||1|0|0|qKduyqMZGUuoMC9hkrxj6aaLNvSzLFnlhc2nhcWdQ38GT19UVHnkt34JXhaiWJrn1XZ6WpKHsl5o4kOyoBiwbg2|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
track
t2.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1076044&studio_cid=5fadf0b0-6420-11ee-b7d4-e3f027d50924&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980795&cid=1139714&pid=169092&p=Qk0w45DfUWoqktHr79i5XzZUvdt-LQuoaPz4TxeAmm9BvWky8K44EiIV0cX0EgOqXukqhffpK2Odrqhi2VUkI2_QiNKGlgOZDEPelUxbMPWb1tI9TDvT6JiV-PR_I0pi2ogMWXDpk8ulbQNnvfomgLo3H2yNmNpNM1aJJH09J5rwPyOTYG8ycvZC8t0CL7WDFXb2ZEnAKzWJL29QY4oGEtbQNSruUQhqgO0tjmVKUSQQxplkbloySfL1xPUOZvJ8rk2f4tjFMw887cLczu-wTLXj0PcNZirkcH-eaQqhjYXPQJLhNmFYRjlsdu-pL-h3K3e9XLC2fN7wwt_C2DF-Fb1xR0Zzvy5-Iko9PC-XbsxumA&cs=-557774954862224455505&slot=native&fv=1288&ts=1700132987569&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:47 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame BA36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2215057882865319&bg=!HB-lH1DNAAZxrfrxUa07ADQBe5WfOJzLYHa-fVZqB0AfooIQPym4KE_Tzie28FJw_l1jeioHNSoBuA3GwLPdhJQCDUm7AgAABhBSAAAABmgBB5kC14heGH7qANL7cIznyGgfRroxnUxgwhpKk5UhduONmwqVTLcAkQv0Dg2j5Er-a2fRWIlP2Ls3TnWnMxRt2NZaTFgOHjNHblmPYtd4QdA4ruSVURzllHf3aAwuO7FNyDmg8d_lmJ9ywAxWUL5jvKpJ_DUmYI7G_Yefrot8zMZeKulkuNREZIfiXEYwt-5tb8BP1XTkd3khvy_ILtGk4ViEXJVI5BNx_-god-GAANaudwav6Wu70ZASbMPrcBAsb8xKaokAK5oCVevpk6X26c65xH0kFP_S74INdy3UmKnQarW-E3VUIjdu0CFaFSpUaKT7B63FzxENnTsv_uDW52JmSXW2VHzA-YSH8A7TLW3zImHCWsg8bHwWdyNgt8jC09lUVHW3O7JTh92aHME-2JyOlw9SzoWnr9JthtYOd3ZkikJKCpvWxDI-I8IZ0s44XUxpyBQoe5YDhBHF77mno0V0VLmsAVFjTowfyaPUxuZ0-8nekTP0MPVSVbFFe8gcHqIn2J2Tf8BhDioWlQDzCtJUYwpF--l4CgWD7axBeLCpdFcZNBCLd7u6cT1soFofoIin4GF0e5iFNH1DbrR4xpIEw-eTiMd4qSkrx41IznQoaglgF0WE4iIWNNlDXsusld_oLXBFtJTydaQtjc4D5iXUuvzQ3QjawGXIy9vbSyLMVCkvrRB-AKorSR-srLrmc_wBMwZuK_nbxgGJmglUgIoQDby6duWSOhMn7_f5JIWWcBm8_zEZVKo8O0yLmitPXY0q5HhuhBxQWAkisC5brdJuVNYiWxAYZOmrgwBHt8lbNzegSWYysGzYkDjO-vkY6pde-IGdRsLcrerBKsuH4bMY1G2loZuJvPNk406VuEsAuyTwTGqX7BioNPOtZlsc-lPe6GZPtWMPwhmHcyWZHXzF36-G5zxJqZJ-stLj4Illfp6Y9mQtdvEoV_fj3qiG1Q5SoOnTS6NADJM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 598D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
t2.teads.tv/ Frame 3EBE 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1098415&studio_cid=e7ab6051-78c6-11ee-b1b1-1b6012379357&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_86b8abf0-5054-4ede-94d0-97be783571fe&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980046&cid=1159743&pid=169092&p=7Ul1IjLaqazSxGsyFK8gfMIqfbDOgAfJoUjaipuPbUKA1PG44C7by_of2NWJgjKEaKhb6B_W-6MgTsOEKj2jW7ldRXMxPRuAEDud9Br4RfwhVgsH70OL1slkBDG1iPg5hEaIVycpQ7J5KpyLi8f1XepaFcYR0S0GQpFS_LqghmDZFH_7jnj0qMlJIptms36L0eexjEhPjhdoSTXaGZLTFH7rDSsaVN9-1dwGJedKToHyS60K0JZU0nMh4crW7EqNN6T_9mKZi73xZ3o75gKmKWepGuyQA7ETJ7dJN7CWkh6ssO_xroOtriOzz8LH3HEkL8zxletxnk8vTGyxuqWTOk3DY1rXoLqofannjAWDuN_LwA&cs=326843024886980725005&slot=native&fv=1288&ts=1700132988226&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t2.teads.tv/ Frame AE17 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&vid=e749febd-847a-46f3-ae87-f65a1c76e7b9&gid=1076044&studio_cid=5fadf0b0-6420-11ee-b7d4-e3f027d50924&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=a47ef0db-25e0-4f94-81af-19922be34ec7_41c71f8a-9c4e-493a-8dfc-1ddc38e617eb&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1700132980795&cid=1139714&pid=169092&p=c_LFSQfRtwg5Zm0GyVk4uJ950v7H151ZsPZRmz2rvoK1jhwoZ7O4-SxYceFDV4SBGGARx7bOCGhJ7kgskbHiUN6TfJekAw-i8-MlNc6ABVJ6TGEzbSaAsJOg4U8hneRRyAuNCOAY8AsYS7rbxnhD8bvPGLA1Y4iiT-uCXxiEP-dumpmj2bXqv4VRq23UnLN9-uO_yGflH4x2aD7N58i-zYfHl2rreE2jUGRX_iJFvL4lzZ3yA8UDGBQ3FqOxoc7Yl61atpi4lYDQudDjTOdfb0cOeAWNnYNfIYVIWxvqhQYxKw0olVvp0AC2f4ogjeW74hZCEGNLim9vCiJDWFKVyY6NO3yJ_FirCxFUhj5J6Dwpjg&cs=-269691341927540881605&slot=native&fv=1288&ts=1700132988570&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhuang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 16 Nov 2023 11:09:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame 0173 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ZDAePuOzEkANTPWogdGiUEESigxrbAXJogg7cBmGXDuL%2FLSlyaWPl5GRySmFsszA91%2BwRFVrLKGLMbAqv4pFJMVG92%2FQixaHwSGDLy0Dp9TDWwC3b96ca4HNL9OO9dl1ZxTDWZiebaZ5PFNiQIphAOLbWjcCzKFalgH%2FGCK7q1iRIYF6679Ay7LK085HP...
ad.vidverto.io/delivery/v2/content/tracking/progress/1811/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1811/ZDAePuOzEkANTPWogdGiUEESigxrbAXJogg7cBmGXDuL%2FLSlyaWPl5GRySmFsszA91%2BwRFVrLKGLMbAqv4pFJMVG92%2FQixaHwSGDLy0Dp9TDWwC3b96ca4HNL9OO9dl1ZxTDWZiebaZ5PFNiQIphAOLbWjcCzKFalgH%2FGCK7q1iRIYF6679Ay7LK085HPmeWxN6goFc3GP15eSE7wzqlUA%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:09:48 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
/
track.adform.net/serving/unload/ Frame 9326 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4296390461623842244@@66923274,2425902807998492092,100|2769|0|0|0|0|0|0|0||94|0|||||1|0|0|qKduyqMZGUuoMC9hkrxj6aaLNvSzLFnlhc2nhcWdQ38GT19UVHnkt34JXhaiWJrn1XZ6WpKHsl5o4kOyoBiwbg2|||01|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 11:09:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
480_650.mp4
cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/ 		360 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/c8x7ovkNzHlnQ1u2rFs72g:1700136572/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/huang-zi-jiao-xia-biao-zao-qu-xiao-ding-dan-bei-mai-jia-yao-qiu-zhong-ding-yi-kan-jie-qian-zhang-5bei-zhen-de-you-dian-guo-huo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=950272-

Response headers

Date
Thu, 16 Nov 2023 11:09:53 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 950272-16900083/16900084
Connection
keep-alive
Content-Length
15949812

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/7dac779a72d52754de2ceaf13886cd5c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/e2c42b0dd9ecca15b12e7114b50a193f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202111/9ef59ff42edee3c93a3bc5c7611bbdfc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202012/31e22c7f8a38776fa9669c5894341ae2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/c27c99e29db03ae00991044c59702901.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/c88e5669501730c3a9632cbaa24321c2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/45f721fd326e21dd1011476d4d985a77.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a7792d04144cf935b1101f732f47192c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202108/2943441f9b9b1aad7662508621f04918.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/a56eb05d6e7d08f2c4ae6e6b9b08b136.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/dd00dc76f6c9dc3380ef262495d00bd2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f829dd9d407af708f6e1310d1adcc7ea.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202204/03084efdaee0d5edeb3788cbb20b571b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/3e5e70f86ad159db4807c6eafa088348.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/1c85b04da5e7ad99b6129c44ffc41137.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/c3f1723ad73cffb0bb2b3a8a5cf963af.jpg?w=150&h=100&q=100
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
sync.adkernel.com
URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC67uqcfhVZfaOBuCttOUPvPaPwAqRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCA1ATIAQmpAjOWNy3ILrI-qAMByAObBKoElQJP0P42TsEvjVpg43TxDZM3BpIUuAn0n7fUvL2WppaePVZyVUUQIEbCqwDqnzqXBGK6UGNaUcrI3xYCAVlo5PWk-JdYVpGrPFsxAVVhQsTqbmALnJp-wA5-ZUIOPKq0hpjpydNUC2efxSxJzKXfrFs_Ju5InJm6ipwgKeijO5lYy71HpBsbV4X37QFZ6pO8rVPEdHnzvqutufKj0DkZsdPqnjtFZGyOQbqMM2V3GMst1RlVwRNHc89tE35RRdmyf2Kw971WrsSzo7WUQbbxOmzA14W7axjRwYMbn5t7qCCOvpcvxMbhIUvTD9UmXakwC_IzrqU-INDhcXr6Pd8vdmHbnVpMnuL8nMpU_InrsI48rFpAZ3xAwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNen2ulRd4LXLlSvD7FssKAhQxgICobLolEYhcW4D1lkvUNkW2E-sN0xkhdWexZ3rqieBpiUX17hgB%26sig%3DAOD64_2PJsbxvqeOoDJgjpzJC-t_HnspWQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BBx-8IjscnRv_kav1hdMsG5cX1IunA4av9n57ufz9Q-bnxOC2WxqxVgDlaiXIddoBu6dQ3P_pDO3Epg8x7XCv0iOdAJkDXuJV4KzasvICrCXfXfoiAfcIYOCEr3E--W9DHb9njbtbfEMzVN0dfygK9qgS_-X0uC4TCbrqC7SKAIQoouHE%26cry%3D1%26dbm_d%3DAKAmf-CkR6emN87NXGodO3Xkre9ZxB83T0KNyMrJp1ReTdBIx7EsGgTNrRgqRmXhGfkpM0H-4Dw5hrcWOohHbmOd7GxPDVm3FMpVW4yvZ8tmawYnVi8OGmEmqlbfQXWzaB-4jLE8RpQTsN48qS-qkACvUeUIrb6MaM8rd1MtF3zVpeBSJOk1GjRt6uiPs8TjjWRqvJTdx8EHiPreYeKQ1gXUv17ZofXHdCc--9mVsHmtuI8QxvJ9aceqPSD2J-T3rFAdUC7XtAhgKToz2crlhw30IsA20XbfOfw2zJaxdOlT9SSkPE21SxZ8eW3b2NnJw-XTqHio7-Aod2UYv33toq7HvrSPwCh4j5ZkL2H6SPy98q85A1sg-s6aE36s1gJ9kHlbdt0EGd6s0qcEzMPGdeV3u20NQrym-0OjVKfaeKcOpzuvk1h3h5FpM1pdRFIvAY_lCTPLxVM2OgpH2s4OfrHVHhb-rVpXIXArWo6Ef16dkuByhCIPb27A6tXIgHMddgcFiuuBsvcd1SdZpr1mY4pO9Gi0of3X5dKashniLHVIZ3NBXSFv-_Mi3BQZ6hNIqJG-eTK046OfxcvkLt5QFNlE2ZwriSDMItcY8ojPO8ynNj_LRLDf9BaOex7B53_5SKCAv0VFKd0ntG1aGdoAVevWNuX6G1uDTNqyxt3VrQfLhRwLphRz5HUNxmdOIaNVMhP3J8ufMJONYkOWalW1LMU4M5849O_O3w%26adurl%3D
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| TRC function| _typeof object| _tblConsole undefined| msg function| _statcounter function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue object| adRecover undefined| google_measure_js_timing number| google_unique_id function| $ undefined| jQuery function| jqAlias object| aries string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags string| nam object| placementData object| google_reactive_ads_global_state number| vidverto object| regeneratorRuntime object| aries_registry object| ucf object| request object| _apPbJsChunk object| mnet string| nobidVersion object| nobid string| paramsString object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| cmTag object| _cm_wfCounters string| lastWfUrl function| inView function| VASTClient function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _aries function| quantserve function| __qc object| ezt object| _qoptions boolean| noPreviewPage object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| inViewWindow function| Zepto object| Backbone function| startCMTagMain function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray string| category object| google_ad_modifications object| google_prev_clients object| vidvertoPromiseCache object| closure_lm_371308 function| OvaMediaPlayer object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| shuffle object| entertainment object| arrToUse object| playlist object| closure_lm_778567 function| VidvertoPlayerVideoPlaylistUI object| closure_lm_839548 object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall

207 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgASDw13YacHEggKBgjGARDBFg
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1700132970.818BA6A827164F56B6AB7E584B8ABE9D.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1700132970.0
.statcounter.com/ Name: is_visitor_unique
Value: 1700132970250646902
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1700132970.1.0.1700132970.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1685989450.1700132971
.bg3.co/ Name: __gads
Value: ID=b41398bdaa9909b2:T=1700132970:RT=1700132970:S=ALNI_MY9TDWl_IAj-r6iD6RW7pCAt1wm8w
.bg3.co/ Name: __gpi
Value: UID=00000cc9e0085334:T=1700132970:RT=1700132970:S=ALNI_MaGHGq4gTOIhiQ9EJVN50HJyw1Ixg
www.bg3.co/ Name: __AP_SESSION__
Value: de0a6628-9afc-4ed1-b7d4-ff254e143276
.doubleclick.net/ Name: IDE
Value: AHWqTUmYxJk5j09MexcUE3zWXKnxtRY_yt80b8WWhIGMPI4DYjE7BCagBMQaYKcA_Bk
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Ddfc8358d-d57b-421b-97fb-c43154cfe7b5-tuctc4f7dea
ad.vidverto.io/ Name: moxuuid
Value: 4c4b5e78-4b85-4319-9c94-885ef85562d3
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1700219372
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1700219372
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1700219372
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1700219372
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1700219372
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 2c4219bf-0a64-43c4-813b-e4dc5de0ea0c
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.aralego.com/ Name: sspid
Value: 1d06a2b9-53cd-36ea-bdcb-8612e5fa2cc3
.omnitagjs.com/ Name: ayl_visitor
Value: b8a1d49d298f6c37e0b62b5d2edb130f
.bidswitch.net/ Name: tuuid
Value: 9fda2ccc-c830-446d-93e5-b2b049761564
.bidswitch.net/ Name: c
Value: 1700132972
a4p.adpartner.pro/ Name: apuid
Value: eb848c1b-cdc1-48fb-b186-57ac9bcafe30
.bidswitch.net/ Name: tuuid_lu
Value: 1700132973
.teads.tv/ Name: tt_viewer
Value: e749febd-847a-46f3-ae87-f65a1c76e7b9
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
ad.vidverto.io/ Name: adpartner
Value: eb848c1b-cdc1-48fb-b186-57ac9bcafe30
.adnxs.com/ Name: uuid2
Value: 500845215933131403
ad.vidver.to/ Name: bidswitch_com
Value: 9fda2ccc-c830-446d-93e5-b2b049761564
.aralego.com/ Name: euconsent-v2
Value:
.rubiconproject.com/ Name: khaos
Value: LP139Y10-G-4X8A
.smartadserver.com/ Name: pid
Value: 1022322488938986752
.360yield.com/ Name: tuuid
Value: 79fa1d23-cc90-49bd-ad79-8a4547142217
.360yield.com/ Name: tuuid_lu
Value: 1700132973
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0C12FB58-4C26-466B-B2C8-B7995E65D171
.ads.stickyadstv.com/ Name: UID
Value: b66f21b54857ce7ad1d8d01265367bc
ad.mox.tv/ Name: onetag
Value: gqezkTm2WS7UVcC0tghobplhIKzpWvhADTUhlDNXlsc
.yahoo.com/ Name: A3
Value: d=AQABBG74VWUCEJ_2Gi3lWbpT8Oul2NTOBZ4FEgEBAQFJV2VfZQAAAAAA_eMAAA&S=AQAAAk3k4t6nE_ZJzK7DoT9NCcI
.casalemedia.com/ Name: CMID
Value: ZVX4btzE3ScfCHXUwhjfswAA
.casalemedia.com/ Name: CMPS
Value: 5237
.casalemedia.com/ Name: CMPRO
Value: 5237
.lijit.com/ Name: ljt_reader
Value: Hql9uGZH1CvkZeCYQnORcCxJ
.yieldmo.com/ Name: yieldmo_id
Value: 3FypDMM665MWjbBWWAJ7%7C1700092800000%7C0
.smaato.net/ Name: SCM
Value: 572eec4f08
.smaato.net/ Name: SCMu
Value: 572eec4f08
.yandex.ru/ Name: yuidss
Value: 5462780751700132975
.yandex.ru/ Name: yandexuid
Value: 5462780751700132975
.admixer.net/ Name: am-uid
Value: 0e672bcae2dd40cdbd8a92adb0f8d329
.socdm.com/ Name: SOC
Value: ZVX4b8Co5uYAALLE.8MAAAAA
.quantserve.com/ Name: mc
Value: 6555f870-a36db-f13bc-318f8
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e642822-578c-4c31-9f7e-c461572976c2-003%22%7D
.bg3.co/ Name: __qca
Value: P0-1577893644-1700132974069
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AAHXxE7Kq_EAABTv7sfYQQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.ipredictive.com/ Name: cu
Value: 443381ad-be1b-4ff1-8521-3fb3045f3de8|1700132977196
.amazon-adsystem.com/ Name: ad-id
Value: A6XmzZlwIEERueZFvuSTzBo
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1700132977.1.0.1700132977.0.0.0
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQMTM5WTEwLUctNFg4QSIsImV4cGlyZXMiOiIyMDI0LTAyLTE0VDExOjA5OjM3WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTE2VDExOjA5OjM3WiJ9
.linkedin.com/ Name: bcookie
Value: "v=2&facf46d9-480d-48be-8229-5eb35927d52b"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDAxMzI5Nzc7MjswMjEchzIY1m1w0yTkikne4O7BAzS4sl1BZ6UvZFhGXurgYQ==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2789:u=1:x=1:i=1700132977:t=1700219377:v=2:sig=AQGzINlfkLhawHrBVESwL3DF8lQsf_3g"
.primis.tech/ Name: csuuid
Value: 6555f871b420d
.adform.net/ Name: C
Value: 1
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-16T11%3A09%3A38%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M40]Erk#WF']wIg2In9nZOX?!]tck8i_iqf!oN/@E'zz<*Z0QHuT]f8Fm@+</u8%O6`KMu]HjGcM[v'.3QjZTD._*Pl[h>oaUgZoTtsC3Nu7x4h6V'k2<HmI#w)U?/^B2d$SN:Q)$Jq
.openx.net/ Name: pd
Value: v2|1700132979|gen0vNvQiygu
.openx.net/ Name: i
Value: ab13e1f0-4ea5-4ef8-aefa-09a53d2a6470|1700132979
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.onetag-sys.com/ Name: OTP
Value: P7izp4317_tKBUmF2jkjgDBVxc2fEsy87MZ5HnKEOdA
.servenobid.com/ Name: pid_312
Value: 500845215933131403
.servenobid.com/ Name: pid_337
Value: y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
.servenobid.com/ Name: pid_339
Value: y-cgQFRH5E2uFD5FZ1OqfDLRF14AGHdV6woLNDAHA-~A
.servenobid.com/ Name: pid_310
Value: Hql9uGZH1CvkZeCYQnORcCxJ
.servenobid.com/ Name: pid_317
Value: 1022322488938986752
.adform.net/ Name: TPC
Value: 1700132981048
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjexsLQwMjAwNxPiM9TNL6h01vXw9ElJyggFAKMZn3AlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjexsLQwMjAwNxPiM9TNL6h01vXw9ElJyggFAKMZn3AlAAAA
.gumgum.com/ Name: vst
Value: e_9d726155-dce4-4d7f-b50a-496a4d8438bc
.doubleclick.net/ Name: ar_debug
Value: 1
.go.sonobi.com/ Name: __uis
Value: 6d7abaa9-6b75-434e-8d6f-8026df56dbea
.go.sonobi.com/ Name: HAPLB8G
Value: s8618|ZVX4d
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_324
Value: 5144588527489820076
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-abc49f6c-1781-3cb5-a1e1-ec6e77536f31
.adform.net/ Name: uid
Value: 4296390461623842244
.servenobid.com/ Name: pid_318
Value: AMav111NabHvOyK5A3wtEK7Azazdyj1DoLAFcN-6NC8
.yellowblue.io/ Name: wrvUserID
Value: 83PWX3--Cp_s
.servenobid.com/ Name: pid_333
Value: ZVX4btzE3ScfCHXUwhjfswAAFHUAAAAB
.servenobid.com/ Name: pid_332
Value: 6d7abaa9-6b75-434e-8d6f-8026df56dbea
.minutemedia-prebid.com/ Name: wrvUserID
Value: TKPWX3--Cj_mm
.adotmob.com/ Name: uid
Value: 09ce2204003b608ae0fe3816
.adotmob.com/ Name: uuid
Value: 09ce2204003b608ae0fe3816
.adotmob.com/ Name: partners
Value: IX%3A1700132981518
.sitescout.com/ Name: ssi
Value: 118381f6-8542-441e-8997-93e63d54d767#1700132981540
.simpli.fi/ Name: suid
Value: 92ECAA55306B4FD395D26EC89C178274
.csync.loopme.me/ Name: viewer_token
Value: f194886c-a459-4bca-b87e-fa585f8f6de2
.contextweb.com/ Name: V
Value: LT3Ny37GwtSv
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: bc681a6d214e5874
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_a3fd63c1-8470-11ee-9978-12a7adfcdbeb
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.3lift.com/ Name: tluid
Value: 4067064112270208969257
.turn.com/ Name: uid
Value: 8640911169531480051
.liadm.com/ Name: lidid
Value: 61f9850b-a703-4904-a6a7-9668bd7d6ffa
.servenobid.com/ Name: pid_309
Value: e_9d726155-dce4-4d7f-b50a-496a4d8438bc
.metadsp.co.uk/ Name: ruuid
Value: dc3c1384-0302-4d38-99dd-0a9e2e8a8312
.metadsp.co.uk/ Name: c
Value: 1700132982
.metadsp.co.uk/ Name: ruuid_lu
Value: 1700132982
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d99fceed2ef8ed218612ab095010e81
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQT7G0TEtOTU0xSk2zAJKGFmaGRolJBpamBoYGqRaGDECQGvqjDERDAQBhGAsH"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDf1RBqSgAAAamwIp"
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.zemanta.com/ Name: zuid
Value: CsLcpeFZxukIyenoxtIY
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIUZ9nAZfANXXa8siAXkIWk&KRTB&23025-CAESEIUZ9nAZfANXXa8siAXkIWk&KRTB&23386-CAESEIUZ9nAZfANXXa8siAXkIWk
.us.ck-ie.com/ Name: CID
Value: 60f3c36deb0472d90c50e9ec405e518e8cb28d97
.tapad.com/ Name: TapAd_TS
Value: 1700132982461
.tapad.com/ Name: TapAd_DID
Value: 450365dc-bec0-42ef-9a37-56852b2e2a46
.servenobid.com/ Name: pid_352
Value: 83PWX3--Cp_s
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8d088009-e5eb-4ede-5f07-e3c376857bf2.5ffLQzaxCElohWI3XpaFYmD%2FMDiV5ESv8cH%2Bqxyh2o0
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8d088009-e5eb-4ede-5f07-e3c376857bf2.5ffLQzaxCElohWI3XpaFYmD%2FMDiV5ESv8cH%2Bqxyh2o0
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjQiACeXrTt5fB-PDdoV78g.PBR3S%2Fmd4MIpvUCQSEFOuw5TyhStL6T2hz51HKyQzaA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjQiACeXrTt5fB-PDdoV78g.PBR3S%2Fmd4MIpvUCQSEFOuw5TyhStL6T2hz51HKyQzaA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMIOCOWjkkDx_XOFk2R4mXkACTS4HiPx-bfTPSHL0tjxEHwYAiD28NeqBjoE8Iu9MEIEcQ46Xw.8OElJ7hf30cHDpD%2BPjOWHq%2BI5mMqrrzk0FTwFfEjppU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMIOCOWjkkDx_XOFk2R4mXkACTS4HiPx-bfTPSHL0tjxEHwYAiD28NeqBjoE8Iu9MEIEcQ46Xw.8OElJ7hf30cHDpD%2BPjOWHq%2BI5mMqrrzk0FTwFfEjppU
.servenobid.com/ Name: pid_346
Value: ua-abc49f6c-1781-3cb5-a1e1-ec6e77536f31
.servenobid.com/ Name: pid_348
Value: TKPWX3--Cj_mm
.criteo.com/ Name: uid
Value: 271aa54b-560d-4d1f-a1ae-a3997c7daf96
.creativecdn.com/ Name: ts
Value: 1700132983
.creativecdn.com/ Name: u
Value: XwIHGQ9ClVG9PWnhEgAs
.rlcdn.com/ Name: rlas3
Value: J7k9dvwleluHXblzZuD+w2JPeDhp+8kjtSV3q7xjZMY=
.rlcdn.com/ Name: pxrc
Value: CPfw16oGEgUI6AcQABIGCLrqARAA
.quantserve.com/ Name: d
Value: EMsBEQG4KvijCJiTAA
.bluekai.com/ Name: bku
Value: m3X99c4TPVDppZDz
.bluekai.com/ Name: bkpa
Value: KJy9DQY+d02pSUHknpx6meDTwtkAwVDlBekZjVJAnEQ6BtW+BejZ10NCjEQlnVRtBVWhRpztjE5imP2k5P2MSYjLSVNo5e6hJk26wEWl1e9h1p/8meWNBeRe9Blta6A=
.agkn.com/ Name: ab
Value: 0001%3AfHahT2GVYJrbqEpWDEI7HrvmKRdujuMT
.krxd.net/ Name: _kuid_
Value: P609x2sU
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2f2z:18vk~2f2z:19e0~2f2z:196n~2f2z:18z8~2f2z"
.servenobid.com/ Name: pid_316
Value: 0C12FB58-4C26-466B-B2C8-B7995E65D171
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf&KRTB&19420-7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf&KRTB&22979-7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf&KRTB&23462-7fYJHb37Cxj2og8ev6ERTurwXkv28A0Qvfv7esqf
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588527489820076
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-118381f6-8542-441e-8997-93e63d54d767-6555f875-4348&KRTB&23418-118381f6-8542-441e-8997-93e63d54d767-6555f875-4348
.adfarm1.adition.com/ Name: UserID1
Value: 7302015560856696985
.adx.opera.com/ Name: UID
Value: OPUebc8d0fe4a37436cb8740274a79f101d
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVX4dwAAD9xKHgBH
.de17a.com/ Name: guid
Value: 1.1928991434768822063
.weborama.fr/ Name: AFFICHE_W
Value: D6g6JRGLORIP71
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUebc8d0fe4a37436cb8740274a79f101d&KRTB&23485-OPUebc8d0fe4a37436cb8740274a79f101d&KRTB&23524-OPUebc8d0fe4a37436cb8740274a79f101d
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-500845215933131403&KRTB&23339-500845215933131403
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-jQiACeXrTt5fB-PDdoV78g&KRTB&23334-jQiACeXrTt5fB-PDdoV78g&KRTB&23417-jQiACeXrTt5fB-PDdoV78g&KRTB&23426-jQiACeXrTt5fB-PDdoV78g
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8640911169531480051&KRTB&23150-8640911169531480051&KRTB&23527-8640911169531480051
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4296390461623842244&KRTB&23263-4296390461623842244&KRTB&23481-4296390461623842244
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7302015560856696985&KRTB&23369-7302015560856696985
.bidswitch.net/ Name: google_push
Value: AXcoOmThk6oKG6lDMywSjBF4-EE_-u0FbSVaEeEl6PHPsMFGXp5vtoOJvY9yc2KsA_FdqjR-TUyCSmIjIyZJltqnzI6diaEcnza40YQTM0IcSwUgsuwJdsWfFTFIEHtEv7K-AHjMmMoSGrZ0n5UZAuwYEqtu
.servenobid.com/ Name: pid_323
Value: LP139Y10-G-4X8A
.smartadserver.com/ Name: csync
Value: 22:4296390461623842244|76:CAESEFtILp1V2GFKdwBJi0JP504|113:RX-1e642822-578c-4c31-9f7e-c461572976c2-003|127:AAHXxE7Kq_EAABTv7sfYQQ
.audrte.com/ Name: arcki2
Value: 927rC7yzy0GQL-WeYO-Yg4tYQ!20220908!1700132984166!ip#178.197.248.23
.audrte.com/ Name: arcki2_pubmatic
Value: 0C12FB58-4C26-466B-B2C8-B7995E65D171!20220908!1700132984166
.bumlam.com/ Name: suuid3
Value: IiRhNTZlOWRhYS04NDcwLTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1928991434768822063
.acuityplatform.com/ Name: auid
Value: 853050275236
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXV6KTK2mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV1eikyto90aGlyZFBhcnR5VXNlcklkWkNBRVNFRWFfWHNNeTRULWM5eFdlSVFyMlRha/v7hnZlcnNpb27C+w=="
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o0u|7dN.0.AAHXxE7Kq_EAABTv7sfYQQ|7bq.0.1
.audrte.com/ Name: arcki2_ddp2
Value: 927rC7yzy0GQL-WeYO-Yg4tYQ!20220908!1700132984488
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9fda2ccc-c830-446d-93e5-b2b049761564
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAHXxE7Kq_EAABTv7sfYQQ
.audrte.com/ Name: arcki2_adform
Value: 4296390461623842244!20220908!1700132984693
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpkI4llQXJoguHceFC4WArzC+Uv07FAmXWLtf1GXAu8nytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ek7+8UWvn5lu
.pubmatic.com/ Name: DPSync3
Value: 1701302400%3A197_201_245_241_235_227_226_219
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBgaGxkaWFmaGZ6ShzBNzQwMQEA0M2otyAAAAA
.dotomi.com/ Name: DotomiTest
Value: 642d2224ec5716e6
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDEzMjk4NjE3NCwiMjQiOjE3MDAxMzI5ODE3NDQsIjM5IjoxNzAwMTMyOTgxNzQ0LCI3IjoxNzAwMTMyOTgxNzQ0fQ
.ctnsnet.com/ Name: cid
Value: e7eb00a092e946f1829dab10d42f3887
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIxg0zRQuDdwNEMUo6AAAAAAA&KRTB&22713-AAAIxg0zRQuDdwNEMUo6AAAAAAA&KRTB&22715-AAAIxg0zRQuDdwNEMUo6AAAAAAA&KRTB&23519-AAAIxg0zRQuDdwNEMUo6AAAAAAA
.adsby.bidtheatre.com/ Name: __kuid
Value: 5a20b5b8-afad-4f61-9a02-e0ba66d3e4c2.469346986
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_d337bda2-51e8-4b4e-a65f-fdf5eb876af4
.semasio.net/ Name: SEUNCY
Value: 133AB01DBFAA3FB3
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1701388800%3A35%7C1700697600%3A2_15_223%7C1700956800%3A63%7C1701302400%3A81_254_13_234_21_233_22_54_99_264_249_8_238_165_220_176_196_214_3_88_204_251_7_55_161_243_56_46_71_166%7C1705276800%3A69%7C1702684800%3A203
.zeotap.com/ Name: zc
Value: 5e635e9c-ddae-423d-4113-094b60993d05
.onaudience.com/ Name: cookie
Value: ea69bc13bddd5118
.onaudience.com/ Name: done_redirects200
Value: 1
.onaudience.com/ Name: done_redirects219
Value: 1
.smilewanted.com/ Name: sw_user_params_infos
Value: ZH7G6dXWEs8nrzfh8HLo4elqAKFR6%2FPbGgq2%2F8dmRmeyhJIA7UJej2LJes8656Rtx5ZiZP2NCCELnBoDtGTRahgva4aSMltDVd2No5X95vvOMioqVzziKE80JNzGv7xLbSDKo0KcNlC62%2FC9W%2FCSBudfc31QTzofg3cbnm5NwGEJJaF95rGi4NEKf%2FKggWVSD8djpzGS88g6NqdCJwpG%2F2DMgsNVOcYdPfSSfHV0yg3n1%2FP6nDQ3Na6aNQFys6zOYqvUiQnb0PcmjzIzZUCQuaxNfNo2rOZKbg5tKkmTaSnuxfrwZb429zSsfOUZ9QnUXGSOQPgz8waRyGN2WFNDkvxGI4H8KQDxpr8LNVA5ezoZ3vZFccS%2BGHpbA8du6eA1OLY41mGxbpYF085ixFrfYf5Hw0Utk%2FXv72S10b4la6JjWeG%2BU4G3J7X3mS3v05lZK7ztptle3lA6g3%2FY%2BWyfVlg4BKimwC5VRuzcpjvEIHo0MUareVY1KqIdi6Hn1QX0
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-kODCF8PzngURhjbYhQQQVbbS
.pubmatic.com/ Name: PugT
Value: 1700132985
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1e642822-578c-4c31-9f7e-c461572976c2-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 14
.pubmatic.com/ Name: pi
Value: 0:4
.zeotap.com/ Name: zsc
Value: %9F%FFv%CD7%C9Q%EEg%AF%9A%93%A3z%BA%FD%C3%DA%F3Q%16%86%21%9C%86m%F0l%3BE%AAL%9A%18%02%24G%C5-%5E%9D%BEHe%91%CAz%06z%B3D%3B%87%B7%7C6%27%9A%F2E%17%BC.%B8%1DF%96%8A~R%24%07%AB%8E%E16%B3%8C%D2c%93%13%AC
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700154587049
.tribalfusion.com/ Name: ANON_ID
Value: awntuJyOZbSFoJTyBr0uRxi9al361UuUBQotoXUQZcrWqsj4WDEd5Gn45ROg6GcB5nAZcCj7NiMT4SdK7hHh3fVl9Fg
.pubmatic.com/ Name: SPugT
Value: 1700132987

28 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/c88e5669501730c3a9632cbaa24321c2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/e2c42b0dd9ecca15b12e7114b50a193f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202111/9ef59ff42edee3c93a3bc5c7611bbdfc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/7dac779a72d52754de2ceaf13886cd5c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/c27c99e29db03ae00991044c59702901.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202012/31e22c7f8a38776fa9669c5894341ae2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/45f721fd326e21dd1011476d4d985a77.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202108/2943441f9b9b1aad7662508621f04918.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a7792d04144cf935b1101f732f47192c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202204/03084efdaee0d5edeb3788cbb20b571b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/dd00dc76f6c9dc3380ef262495d00bd2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f829dd9d407af708f6e1310d1adcc7ea.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/a56eb05d6e7d08f2c4ae6e6b9b08b136.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/3e5e70f86ad159db4807c6eafa088348.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/c3f1723ad73cffb0bb2b3a8a5cf963af.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/1c85b04da5e7ad99b6129c44ffc41137.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvaHVhbmctemktamlhby14aWEtYmlhby16YW8tcXUteGlhby1kaW5nLWRhbi1iZWktbWFpLWppYS15YW8tcWl1LXpob25nLWRpbmcteWkta2FuLWppZS1xaWFuLXpoYW5nLTViZWktemhlbi1kZS15b3UtZGlhbi1ndW8taHVvLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://a.teads.tv/media/flavors/native.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC67uqcfhVZfaOBuCttOUPvPaPwAqRwdCbafvwg5LcD_AuEAEg0syBGmD1hYCA1ATIAQmpAjOWNy3ILrI-qAMByAObBKoElQJP0P42TsEvjVpg43TxDZM3BpIUuAn0n7fUvL2WppaePVZyVUUQIEbCqwDqnzqXBGK6UGNaUcrI3xYCAVlo5PWk-JdYVpGrPFsxAVVhQsTqbmALnJp-wA5-ZUIOPKq0hpjpydNUC2efxSxJzKXfrFs_Ju5InJm6ipwgKeijO5lYy71HpBsbV4X37QFZ6pO8rVPEdHnzvqutufKj0DkZsdPqnjtFZGyOQbqMM2V3GMst1RlVwRNHc89tE35RRdmyf2Kw971WrsSzo7WUQbbxOmzA14W7axjRwYMbn5t7qCCOvpcvxMbhIUvTD9UmXakwC_IzrqU-INDhcXr6Pd8vdmHbnVpMnuL8nMpU_InrsI48rFpAZ3xAwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARhdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNen2ulRd4LXLlSvD7FssKAhQxgICobLolEYhcW4D1lkvUNkW2E-sN0xkhdWexZ3rqieBpiUX17hgB%26sig%3DAOD64_2PJsbxvqeOoDJgjpzJC-t_HnspWQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-BBx-8IjscnRv_kav1hdMsG5cX1IunA4av9n57ufz9Q-bnxOC2WxqxVgDlaiXIddoBu6dQ3P_pDO3Epg8x7XCv0iOdAJkDXuJV4KzasvICrCXfXfoiAfcIYOCEr3E--W9DHb9njbtbfEMzVN0dfygK9qgS_-X0uC4TCbrqC7SKAIQoouHE%26cry%3D1%26dbm_d%3DAKAmf-CkR6emN87NXGodO3Xkre9ZxB83T0KNyMrJp1ReTdBIx7EsGgTNrRgqRmXhGfkpM0H-4Dw5hrcWOohHbmOd7GxPDVm3FMpVW4yvZ8tmawYnVi8OGmEmqlbfQXWzaB-4jLE8RpQTsN48qS-qkACvUeUIrb6MaM8rd1MtF3zVpeBSJOk1GjRt6uiPs8TjjWRqvJTdx8EHiPreYeKQ1gXUv17ZofXHdCc--9mVsHmtuI8QxvJ9aceqPSD2J-T3rFAdUC7XtAhgKToz2crlhw30IsA20XbfOfw2zJaxdOlT9SSkPE21SxZ8eW3b2NnJw-XTqHio7-Aod2UYv33toq7HvrSPwCh4j5ZkL2H6SPy98q85A1sg-s6aE36s1gJ9kHlbdt0EGd6s0qcEzMPGdeV3u20NQrym-0OjVKfaeKcOpzuvk1h3h5FpM1pdRFIvAY_lCTPLxVM2OgpH2s4OfrHVHhb-rVpXIXArWo6Ef16dkuByhCIPb27A6tXIgHMddgcFiuuBsvcd1SdZpr1mY4pO9Gi0of3X5dKashniLHVIZ3NBXSFv-_Mi3BQZ6hNIqJG-eTK046OfxcvkLt5QFNlE2ZwriSDMItcY8ojPO8ynNj_LRLDf9BaOex7B53_5SKCAv0VFKd0ntG1aGdoAVevWNuX6G1uDTNqyxt3VrQfLhRwLphRz5HUNxmdOIaNVMhP3J8ufMJONYkOWalW1LMU4M5849O_O3w%26adurl%3D
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://pippio.com/api/sync?pid=710914&_=2&it=4&it=4&it=4&iv=cd8996eced116af71651e4eedd6865840605caf0e6b0219d0a43ded30f06bb93
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mox.tv
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
b6b8a151ac2a3038939ef9cb3e6a97ce.safeframe.googlesyndication.com
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.bannerflow.net
c.statcounter.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
e8dcf410f0bc838e0d9790e74ac3cf4b.safeframe.googlesyndication.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s8t.teads.tv
sdk.streamrail.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.teads.tv
t2.teads.tv
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
hal9000.redintelligence.net
prebid.a-mo.net
static.bg3.co
sync.adkernel.com
103.231.174.251
104.16.88.20
104.17.202.110
104.18.25.173
104.20.219.77
104.22.25.87
104.22.68.131
107.178.254.65
13.107.42.14
13.248.245.213
13.32.27.65
13.32.27.7
13.32.99.20
141.226.224.32
141.226.228.48
141.94.170.77
141.94.240.143
142.250.181.227
142.250.184.193
142.250.185.132
142.250.185.166
142.250.185.194
142.250.185.202
142.250.185.225
142.250.186.104
142.250.186.162
142.250.186.97
147.75.84.158
15.235.15.221
151.101.1.108
151.101.129.44
151.101.193.44
151.101.2.137
151.101.66.49
152.199.21.70
154.54.250.150
154.59.122.79
162.210.196.208
162.55.120.196
167.235.184.171
169.197.150.8
172.217.18.2
172.217.18.6
172.217.23.106
172.217.26.227
172.64.149.180
172.64.151.101
172.67.71.254
175.110.113.214
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.185.207.108
18.197.219.206
18.202.39.242
18.203.132.178
18.203.198.173
18.245.60.57
18.66.112.58
18.66.97.31
184.30.20.22
184.30.21.51
184.30.22.30
185.106.33.48
185.132.133.134
185.180.223.221
185.184.8.90
185.29.132.241
185.64.190.81
185.64.191.210
185.84.60.20
185.86.139.93
185.89.211.12
188.166.17.21
192.96.203.13
193.0.160.130
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.205
2.16.97.41
2.18.160.23
2.18.161.51
208.93.169.131
209.54.182.161
211.120.53.206
213.155.156.181
213.19.162.37
213.19.162.51
216.239.32.36
216.52.2.30
216.52.2.39
216.58.212.130
23.35.236.201
23.48.23.44
23.56.202.187
23.97.225.52
3.127.123.183
3.214.253.15
3.216.57.210
3.233.156.160
3.65.51.143
3.75.62.37
31.172.81.159
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.246.239.231
34.247.233.198
34.252.177.198
34.98.64.218
35.186.193.173
35.204.74.118
35.210.239.72
35.214.186.3
35.227.252.103
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.228
37.157.2.229
37.157.4.28
37.157.6.234
44.198.128.71
45.137.176.88
46.228.164.11
46.228.174.117
50.31.142.95
51.38.120.206
51.83.220.94
52.17.168.131
52.19.228.53
52.212.105.38
52.28.38.5
52.31.127.110
52.6.176.132
52.73.179.168
52.95.118.179
54.165.29.149
54.171.40.33
54.194.65.19
54.229.235.73
54.72.15.103
54.78.254.47
54.87.176.184
64.158.223.137
64.95.96.108
69.166.1.35
69.173.144.137
69.173.144.138
69.173.144.139
69.173.144.165
69.192.160.219
77.243.51.121
8.2.110.114
8.43.72.97
82.145.213.8
85.114.159.118
87.250.250.90
91.228.74.244
98.98.134.243
01802f71fe0c1e7c305af2ac870ab5cafced12077f6f2b4c33cdf2eb133a26e5
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
046c7a4ef42da70b08467c2d37701973f500b8a7e97732be65b3b6e27ddc82d5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
070860f42ab61a7571754d4ce072a13fb2250e2e731da83e729529c88481628a
072cf9c4e19bc722c3c45a42bbf606c47dca29a7b00c3e4f7f18b6e69ffb6c3e
07bbebd59e313af27f217a7b805716c87cf554d6efca2bab2af7723d21809c88
07c83c2db3ceab4994ee03ebf7ef5b7650f486d4a1cafe06f7da291aad4fe799
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0ad1b7c562fef991ebd6d45c32d120ab2799c448db22d95b15528a35af9ff69f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3996bd8ed0671b55614c005c16d872f3e18abfeb6a7df5c4054c0bc1f7014d
0c4175a1c0a4f94d269222c6a1fcbc076014834b21113fd5d1e14dbca3c0f550
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
11c76e582218e442391f05ce7c78c80755be2100325ddb1dec2dc05ac06880b2
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
144576d3f889133adc55e4730a2f0528206d62e7a5e9c17f4ae564886ce9cd38
178016cb77a837b388ae8023f396047c8105054f9bde9462731318b47a5392d6
17d13b26cae2b73a148a8de81b6222b248beb5c183618c4a323aed8f128d3f07
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189abb7ba495caf93baceba77b945913ed763e67902af69f79381afdaba5c7cd
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18fd75b6197f86735ed124de5e1ef3a064ffbb52700b9ed4b7e1f5dbfa79e321
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1ca3a96a6cd254e9abe986a1eeafd65644b11b0de41b80f10bc9c46e321ef249
1cda9e4909bacdb4c016d9687cede6656613b0afe807e9c404fad0c1ea419d2a
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21faa9449ef1623392c20a946bd97779c2dc14b2cb986e2ed4a75be5f6ceadc1
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
243f903a4419497e746b70ab4c95b562e36c02e273048abb00965524b4a65a6b
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27d6ba134553745312d716620773c823abd0334a4d9f162d2cd24417d175e5b9
286551a894e8d9f3b27fb3c86d432b0ad3d33695b0056b2300457d13f9ebde76
28ff285bbb2eab4fafcb904dea173b2a35808136651c92613326c072da49169c
297b2161f034edd0ac70974992f76110aef25e9dd1350e1afcf5449735b061d9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adee87fcb8a2f7509abdc4b195a1c0b73d8967ed7b507a05337f6badb5133d6
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2c2f6f9490d297b317a366603ad1b268ae13555606f18dafc68c2569d91e1d04
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30551997de2481542a5b34e1a2c911d560820b78be586a71066ff2749aec54bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
35c214f925928346f704baed1b7f12e1ba193d1e614e1b9dd36f5c8c5f4ff276
36610e3224302f10fd81f87ccd01b088b2e3368dff6f838763264ff80ffe9973
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
385bfa33cb2a15bfffb758f64c71fb1d335bbbd8f2f79191b113c0a4709734d7
38d48fc88946e259a899d9e4308175a7421de908e1a17800de365f3ef83fa4bf
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
398de2685f4d09e875b1de6d1778799533939abb8addedd5a4a378ee028dca6c
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39cd2d94116bd462c6fc4bbae33b9f5a084523d19e03d79231a7af0421c274ec
3b1eff64e77bf4378206394ce0eaa5726402de0d0711131317f8a1054f460282
3b35fdd96e2f5653cd23a72bb5f0de5f3c9e5ad5dc6770259c27c902ec6de2a1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c779dc3b98ab34f2dfde9caa9b2ddd17ba1a1c5b9c9d28d677965b9a54a2362
3c8c09124801a8a9cb028d5da8386bf00f1f6daaedea22716beec6db58e62a43
3d2d5c462862cb6c0eddc68d2e5907800e6ad736a603fe91ac55f6593892fd17
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4a1da0bd53c2d9cd2079dc0f47c9b591591a83d10e8cf5d5fe24c9c6cd95dd
3e75db1bd89b64a9d895f582c4371a3d45f7b322e94e989885c713eaf62e9ff5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fbbb39f2306e785c1345acd03e022f07da5db2758c7600b67e7c6795262c4bd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4071cc9edb33dac75c471b3635d7e4660041b2534fd61b23177c77e2274a3e9c
426a6e209c2f680b4e2d5a54381eb2148143ef6fa5d161c309975e1870969e9c
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44603e9bad4a7793dae8bb50619434b2dd6871174632f8486291230e2c3bcba5
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8
466801a1c350bd880dcd6606402a714b174dd2e577ee4062542be4cb882cd9e0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a99098366c1444ebbebb98877a97632f7fc529bb3869dcc6825bf07fd76cd0a
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f8b3eb92715fed34676ceecb8604536538241f7b633e7d00034e7c9dde9c8c6
4fc3fbab3a7b40af82b17037da21244ae739ecd4ec8649297117c90f912cedb0
518395e451c4563dcd1fb1b4504d05f84a007361cd66119b74e44102f97b9dc5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55e660b30aad3334068c80b8905331158b276816c5e996461cc862343733e09a
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f3bb7d2144b8517557196ef7763e8dc3e394f490a2ef176932ed7411d8e8fb5
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62b67fe02b0cba2ac38d051cf168d3a25bf2d3765e5fb7d2fa792c9b74c3a5ee
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
63f830b2a5a39216e6e907ba7974b352d6b40a65368a5748fbaef20b0607e555
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
69f29a3e2fa1f86f96fb1270fde16b4596ad4cfde81be067e46ef777bec1ae84
6a04994b6b871bef6278fe594026f7f5b75baadedff3526b6d00240486d991a2
6a127535540d42eae82ee476f77f64e3cf99980bb3f9bc18c296cc8593734556
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c0fb5e316629a9a2a31e0fb9003d57a5f743c0894e029ba3a6e92a3f1179da8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6f22e70f0121384d134fffed21418a6b55115ccfaa3bccf556187e3a8568248c
70d5fbcd70005c02611c87715a5dddb1bdd69f8b89d817b2562b8dce42386877
70d904c770393729e15856ee04c32e100fe50982a4de36d540a7fd7096afe6f9
70faa8a3106b32300aeade7a3f39e87e92b777b0bc31fa7c8514c730b2edfc26
73f430d20ee21e59fe0849395c4a36691c5cf737b5926f49af1c26b75d2f0103
7454471a762e5b490179ed541bb8e7158c6369661251e54203c2220fedad8af5
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
7599f08b4af8d99f71adc6d59584ad14c0ecedec984ca2307710e0b6110efe13
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af
7b7767c6c728d8afb551f77b416ae0807a85211a38e207655628a8190f8c8d5e
7c2817288f01a2a5b60287ffd311855262da7663f5e579a8cc2b108db189c089
7e1ae5367ac5f55e7abb5a8d84d12605c22f5312223ed690f151c5277ae2e507
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f568d8264dadea5781e90e648a3b0ee036c0bd1c6f810fd109883b7984c9577
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86ee0e760c043b495df32283b44ba844e416df4ac5189fe6a0d801c781e35125
876c7037c10e286c95b389b4359e891e2f03d997ae1601fc7f78420e6e29987e
87d8ca2fb4873aab80c639cc801e6482a11c9259dfa81609ba8f0d6a7774f63b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8a7f4d0dace49ce143b43f43372cf0b58d479e4393523bb91ceaae407142e4cf
8b38a35e782e5a5b7e8551d198d849ce7998585901c25ee90802ffb3e7e9dbf4
8b3bd6344a360847d4c1cd39e1d760861422fd06f852fe063abd34fa74fce99e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cd81723c91999c9c329827a042e8a4f4060c0698696be432d02bc9c3a59ec9a
8cfe14e7074a46d8408f88dc93aab82bdb40b40a9409d81a72041d4c3529012c
8d21e83361177be307d7954587f4b3cc9627ba5f7028dc4bf930d81daa356174
8d26e201c5bf921cce628506e3d6b7d9645e6001d7b94d169d468249a43421f5
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92fbdc7996a6d9d64e1b84878ae3f5aa22fd38de3614c6d9c42f3a7047b464cf
94606ddffa35b68c215a48d35c6f855ad235934983d77062c6d2cdfc0592df12
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99304fe839d400cf61e4d9ebfa9c1af0bbcf225a45d48ee4c0fd62e9442d6230
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a864fae4acda991c0772fc5bc87bcf10f61bd3903a45283ea0a51287b5813fd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9e42b4f70aaa7375901f0808578bc14ce10189be7383d4cbb6ba3bd5e92d5e2e
9f28e5725ed7895acff5737741fb4a98501f6189a5ee2adf4cb6cb0e555fb5f8
a09b079f1734cc7dd62f8d037c600dffb6ee43176186d8a1480d2ea0c65d0f33
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11c9ad208f3730d8e94ac082c08e4741650425e7273f450c45055f84a39e12b
a18ffbf77cf4d3bc8539b189e1aea2530e9a698a37b4de6089e6d6224c2ca830
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a639d642577d83b578d46429d9d66c0b6d4d577ed25b75a2fd8699af9d0ca67b
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a77c26c4f8ea30390eca297f72d5fbd7853e3b2464c7a5fc8d461af330bd15ae
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec10ac8a752c26226659e6945ce83abf31ab91b223f7ae82d813bac6820c559
af7dad7da0187a329e1a4f0e68c6262ffbec1f3269121adc006ec3205fbefa4c
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b0a81fc3c7876af5e63034ac6a72ed9a91285289306fc24bc82e434aa53cb1ed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b0a19f09c2c743c8eeb54a2d035612247696c5252a09204dec84b6f2535861
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1af57161c4472d8685665535dd20c2bf6456bd17264e782582da673abd666e
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bfcff0afb703192ec86eb0a3f6f7dd786381997a5af6a9731dd97df6137dcd79
c08e9772f1fc4ed539963a9d96b5aeb963486c72535257c5035646d461663a20
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
ca9570223f515e4fe0512cf1a9114c204b8d555cc17704d1c6b5b22fb59dd102
cad345c15d9e6ff758b91b4fb6ac61e2f7f5cd80462219dc77ed5df51a742f88
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d037de0cc751ff094727a51e633c4b6be6021fa02ff4cf48d677158cbfcb05db
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d23d438ca954c26fbff379654b9f2c749f03f970d70fd7f57d3b5a825a68d8ec
d33dd352a622c15dc19cb9ba8202dccdeaaa64859acdb38eafb01eca72fac0c0
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d52df9fabaed1fef20e9bcacbdafdaa0d0f6d07ef28c580fe47c0f14a0053ad3
d86e2b7519aa62cce700c8766e13cef1088fe8a4159abcb83cadee86699e94b3
db4ea43b983441b1815a54eb8600018aeba63f1fbd579ed6aa5745c0069eeb9d
db60bd4316f03fa5ff95c6b9ac540005378b4b4909770de9deb5052a677fa201
dcd7def1ceb013e45752ad9ccda3ef2e8dd5d41351d61a5d262fb431b9d9a677
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
df0ee37b33dc0fd12e59141d6dfe26084afa9f17cc505cfea3c95bf7adec7959
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfb08c1bf8540e8c6421be9f272690207e8e2642d8e1e3ff9a6e47b09cbecbda
e0d64417e99288a467e80a25705af879a88834f01e98bd76406d18a135177158
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e18ced8c602ad6449e62c9022238946d78d0c8a351190504d119ad353e997d1b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e322a310282fee935d81b3f9df332584ba783561d4247426d50f8d4adc553304
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e70cf57c3f90fb7881336a15e6e24bbb547cc47f0c249c3490c563238c786cbd
e806ca5d062ac425b2f5459eb2ae5f00d48bacfb1ba73cd7e1e1d5d686eb807e
e95e83b5511380e64e27dc441f07683384d215e8b071ce5060e40749cf2d958a
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ed6170507dca7ce7eea9bf30296fd64c77618ef6e3dec59bd810437caff9362c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee10001dcbae3bc77f254477f183d1c582e1e4b4bb4ba669f1fe329d86a329d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ca8dad8a63869fec190ce7949b92b367981f281677daf118b588e2313fb93
f058ecc947d0bc01e2855afaff0be17a2e30ae1e067ad3a5389b986a62225e26
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d
f1dac38e5b87f11a63623e57b99f09fde3d7c082a374c5f7a3cf92d9ec84e029
f26606d504135cdfe78224755a10d0e4e5420014779e717d035b50341e66f76d
f2b466fb065859af543e504c1a550f98be2dbb8d2226f4edb2a7ee54428d1523
f3207a651a4545228753e075c04a7de1c31465486fcbefece815b3bb4a07b217
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f753787fb0442f9c45d641ee39306397a412a16447961a4137918b85e264d112
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc80c9d5645e0ef906b6779f9e06c45ede4091c727006669e0cd888eb69410c3
fce0729cefb1d3a0113502c42e8bf3625974f73a3fb61912a668f99fa4f1fbeb
fda31a020b1b8b9eecf3c4bd443210fe5da946d9137d03e242f176ec3da21a30
fe2d5eca696d0eee3aba2ff6a6c41931a3825cac085ed49385ba22d06ed52b2b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
ff70c81520c4bd3cd8abbf416b2443c06c45034d6145bde572c58b5fb334a919
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc