urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Submission: On November 17 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 17 countries across 120 domains to perform 626 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
9 152.199.21.70 15133 (EDGECAST)
40 151.101.129.44 54113 (FASTLY)
1 2 192.96.203.13 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 2a04:4e42:600... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
23 185.180.223.221 49981 (WORLDSTREAM)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 162.210.196.208 30633 (LEASEWEB-...)
16 185.106.33.48 200478 (TABOOLA-AS)
7 51.89.9.252 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
6 7 18.185.187.133 16509 (AMAZON-02)
1 2 188.42.34.64 7979 (SERVERS-COM)
2 2600:1f18:24e... 14618 (AMAZON-AES)
8 23.97.225.52 8075 (MICROSOFT...)
45 2a00:1450:400... 15169 (GOOGLE)
3 3 23.56.202.187 16625 (AKAMAI-AS)
8 184.30.22.30 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 5 2620:116:800d... 16509 (AMAZON-02)
1 167.235.184.171 24940 (HETZNER-AS)
1 185.86.139.95 201081 (SMARTADSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
4 22 104.18.36.155 13335 (CLOUDFLAR...)
2 69.173.144.137 26667 (RUBICONPR...)
2 2602:803:c003... 26667 (RUBICONPR...)
9 15 185.89.210.82 29990 (ASN-APPNEX)
2 5 145.40.97.67 54825 (PACKET)
2 52.59.116.26 16509 (AMAZON-02)
2 3.121.101.248 16509 (AMAZON-02)
15 104.22.68.131 13335 (CLOUDFLAR...)
2 95.101.149.35 16625 (AKAMAI-AS)
4 35.186.253.211 15169 (GOOGLE)
1 3 52.19.228.53 16509 (AMAZON-02)
18 52.31.140.196 16509 (AMAZON-02)
2 34.120.63.153 396982 (GOOGLE-CL...)
25 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
6 9 69.173.144.165 26667 (RUBICONPR...)
1 222.230.178.132 2519 (VECTANT A...)
4 2a00:1450:400... 15169 (GOOGLE)
4 175.110.113.214 49981 (WORLDSTREAM)
6 141.226.228.48 200478 (TABOOLA-AS)
14 52.223.40.198 16509 (AMAZON-02)
3 7 2a05:d018:d29... 16509 (AMAZON-02)
11 14 69.173.144.139 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 7 3.75.62.37 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 6 52.46.143.56 16509 (AMAZON-02)
14 43 216.58.206.34 15169 (GOOGLE)
2 5 52.95.126.160 16509 (AMAZON-02)
7 7 52.18.217.211 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
3 52.59.59.191 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2.21.20.146 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
9 2800:3f0:4001... 15169 (GOOGLE)
1 185.84.60.23 198622 (ADFORM)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.198 15169 (GOOGLE)
1 133.186.12.11 10010 (TOKAI TOK...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 94.130.102.164 24940 (HETZNER-AS)
6 11 35.244.159.8 15169 (GOOGLE)
4 4 3.69.152.80 16509 (AMAZON-02)
5 6 35.204.74.118 396982 (GOOGLE-CL...)
3 3 154.59.122.79 174 (COGENT-174)
10 12 37.157.5.132 198622 (ADFORM)
8 8 50.31.142.191 23352 (SERVERCEN...)
11 17 185.86.139.94 201081 (SMARTADSE...)
1 5 138.201.84.244 24940 (HETZNER-AS)
1 2600:1901:0:e... 15169 (GOOGLE)
2 172.217.18.2 15169 (GOOGLE)
1 145.239.2.103 16276 (OVH)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 7 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 141.95.33.120 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.156.39.59 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 3 76.223.111.18 16509 (AMAZON-02)
1 151.101.129.108 54113 (FASTLY)
1 54.74.229.145 16509 (AMAZON-02)
4 2.19.244.232 16625 (AKAMAI-AS)
6 2600:9000:244... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
13 3.221.116.77 14618 (AMAZON-AES)
2 2 216.52.2.91 30282 (AS-INAPCD...)
3 216.52.2.48 30282 (AS-INAPCD...)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 1 69.166.1.66 27630 (AS-XFERNET)
1 1 23.212.88.20 16625 (AKAMAI-AS)
6 6 54.81.236.103 14618 (AMAZON-AES)
3 3 178.250.1.9 44788 (ASN-CRITE...)
2 2600:1f18:ed:... 14618 (AMAZON-AES)
2 2 35.214.230.141 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 141.95.32.69 16276 (OVH)
6 8 34.246.239.231 16509 (AMAZON-02)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
4 185.64.190.78 62713 (AS-PUBMATIC)
14 34.247.233.198 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
2 2 54.165.115.205 14618 (AMAZON-AES)
1 1 54.146.239.191 14618 (AMAZON-AES)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 54.76.65.157 16509 (AMAZON-02)
1 1 124.146.153.162 2514 (INFOSPHER...)
1 1 8.43.72.98 26667 (RUBICONPR...)
15 23 198.47.127.18 3257 (GTT-BACKB...)
2 34.102.253.54 396982 (GOOGLE-CL...)
2 2 3.251.41.54 16509 (AMAZON-02)
1 1 2607:ae80:192... 26558 (FREEWHEEL)
1 52.210.50.120 16509 (AMAZON-02)
1 185.29.134.248 30419 (MEDIAMATH...)
12 13 198.47.127.205 3257 (GTT-BACKB...)
8 10 185.64.191.210 62713 (AS-PUBMATIC)
2 2 35.158.43.241 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
1 2 151.101.66.49 54113 (FASTLY)
1 72.251.245.179 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.181 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
4 5 52.215.24.0 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
4 198.47.127.20 3257 (GTT-BACKB...)
2 2 98.98.134.243 21859 (ZEN-ECN)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 1 37.157.5.133 198622 (ADFORM)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 141.95.171.141 16276 (OVH)
4 4 141.94.171.216 16276 (OVH)
2 162.55.120.196 24940 (HETZNER-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.51.121 42697 (NETIC-AS)
4 4 141.94.171.212 16276 (OVH)
1 2.23.197.190 16625 (AKAMAI-AS)
626 128
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
13    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
9    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
40    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
2    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
f28f00025ef74e8a36f5965b6cd3361f.safeframe.googlesyndication.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
23    185.180.223.221 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net
ad.vidverto.io
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
7    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
5    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
7    18.185.187.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-187-133.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    2600:1f18:24e6:b901:c5b4:8cba:7a26:df2a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
45    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
22    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
15    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
5    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    52.59.116.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    3.121.101.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
15    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
2    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    52.19.228.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
18    52.31.140.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
25    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:223c:9200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    222.230.178.132 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
js.genieessp.com
4    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    175.110.113.214 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-214.hosted-by-worldstream.net
cdn.vidverto.io
6    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
14    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    2a05:d018:d29:3605:4684:36f0:2036:f07d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
14    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
43    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
cm.g.doubleclick.net
5    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    52.18.217.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-217-211.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    2600:9000:2251:9a00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    52.59.59.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-59-191.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2.21.20.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-146.deploy.static.akamaitechnologies.com
hb.yahoo.net
6    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2800:3f0:4001:82a::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
1    133.186.12.11 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p011.net133186012.broadline.ne.jp
ialaddin.genieesspv.jp
2    2a02:26f0:480:25::1726:6212 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
1    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal9000.redintelligence.net
11    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
adpushup-d.openx.net
eu-u.openx.net
u.openx.net
4    3.69.152.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-152-80.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
3    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
12    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
8    50.31.142.191 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
17    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
sync.smartadserver.com
5    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
1    2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
audiencedata.im-apps.net
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads4.g.doubleclick.net
1    145.239.2.103 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu
cdn.contentspread.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
10    2606:4700::6811:c96e (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:400a::9 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
rr4---sn-1gi7znek.googlevideo.com
1    2606:4700::6810:507e (United States)

ASN13335 (CLOUDFLARENET, US)
shared.bannerflow.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    108.156.39.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-39-59.lhr50.r.cloudfront.net
public.servenobid.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    54.74.229.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-229-145.eu-west-1.compute.amazonaws.com
g2.gumgum.com
4    2.19.244.232 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-232.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2600:9000:2449:ba00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
13    3.221.116.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-116-77.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
3    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hbx.media.net
6    54.81.236.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-236-103.compute-1.amazonaws.com
i.liadm.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2600:1f18:ed:550e:3d2:ba14:2ca3:82d8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    35.214.230.141 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 141.230.214.35.bc.googleusercontent.com
csync.loopme.me
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    141.95.32.69 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl
wt.rqtrk.eu
8    34.246.239.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
a.audrte.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
14    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
2    54.165.115.205 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-115-205.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.146.239.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-239-191.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    54.76.65.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-65-157.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
23    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    3.251.41.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-41-54.eu-west-1.compute.amazonaws.com
ice.360yield.com
1    2607:ae80:192:1::172 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    52.210.50.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-50-120.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
13    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
10    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    35.158.43.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-43-241.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
5    52.215.24.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-24-0.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    141.95.171.141 (Paris, France)

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh
green.erne.co
4    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel-eu.onaudience.com
2    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com
Apex Domain
Subdomains		 Transfer
81 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
522 KB
74 googlesyndication.com
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
f28f00025ef74e8a36f5965b6cd3361f.safeframe.googlesyndication.com
681 KB
62 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
15.taboola.com — Cisco Umbrella Rank: 6402
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
vidstat.taboola.com — Cisco Umbrella Rank: 3029
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
sync.taboola.com — Cisco Umbrella Rank: 1322
am-wf.taboola.com — Cisco Umbrella Rank: 17326
960 KB
58 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image8.pubmatic.com — Cisco Umbrella Rank: 662
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
55 KB
39 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
74 KB
27 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
512 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
15 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
11 KB
18 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
sync.smartadserver.com — Cisco Umbrella Rank: 1330
8 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 609
28 KB
15 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 522
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
3 KB
15 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
19 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
506 KB
14 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
5 KB
14 adform.net
adx3.adform.net — Cisco Umbrella Rank: 59130
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
9 KB
14 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
6 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
12 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
54 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
8 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com — Cisco Umbrella Rank: 597
9 KB
10 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8923
128 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
grid.bidswitch.net — Cisco Umbrella Rank: 1165
3 KB
8 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
4 KB
8 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
5 KB
8 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
5 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
4 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
852 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
5 KB
6 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
3 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal900026.redintelligence.net — Cisco Umbrella Rank: 209913
10 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
2 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
588 B
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
319 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
4 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
4 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
69 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
12 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
2 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
103 B
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
1 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
322 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
671 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
2 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
824 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
497 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
772 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2116
668 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
375 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
508 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
1011 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
952 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
522 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
1 KB
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
505 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
1 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
12 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
180 KB
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 921
218 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
276 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
360 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
552 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
443 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
512 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
832 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
465 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
582 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
424 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1674
350 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
625 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
921 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
492 B
1 bannerflow.com
shared.bannerflow.com — Cisco Umbrella Rank: 481089
63 KB
1 googlevideo.com
rr4---sn-1gi7znek.googlevideo.com — Cisco Umbrella Rank: 246743
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
2 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526
12 KB
1 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
643 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
525 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
645 B
1 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
643 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
262 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
259 B
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 shb-sync.com Failed
us.shb-sync.com Failed
626 120
Domain Requested by
45 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
43 cm.g.doubleclick.net 14 redirects www.bg3.co
googleads.g.doubleclick.net
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
adpushup-d.openx.net
g2.gumgum.com
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
pagead2.googlesyndication.com
imasdk.googleapis.com
23 image8.pubmatic.com 15 redirects ads.pubmatic.com
23 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
18 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
16 il-trc-events.taboola.com www.bg3.co
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 pixel.rubiconproject.com 11 redirects www.bg3.co
14 match.adsrvr.org imprammp.taboola.com
www.bg3.co
am-match.taboola.com
cdn.adpushup.com
adpushup-d.openx.net
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
14 images.taboola.com www.bg3.co
13 simage2.pubmatic.com 12 redirects ads.pubmatic.com
13 cs-server-s2s.yellowblue.io public.servenobid.com
ads.pubmatic.com
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
13 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
imasdk.googleapis.com
12 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
ads.pubmatic.com
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
www.bg3.co
11 ib.adnxs.com 5 redirects cdn.adpushup.com
www.bg3.co
googleads.g.doubleclick.net
acdn.adnxs.com
10 image2.pubmatic.com 8 redirects ads.pubmatic.com
10 rtb-csync.smartadserver.com 5 redirects ssbsync.smartadserver.com
10 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
10 c1.adform.net 8 redirects ads.pubmatic.com
10 pubads.g.doubleclick.net imasdk.googleapis.com
www.bg3.co
9 csi.gstatic.com imasdk.googleapis.com
9 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 a.audrte.com 6 redirects ssbsync.smartadserver.com
ads.pubmatic.com
8 b1sync.zemanta.com 8 redirects
8 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
8 e3.adpushup.com www.bg3.co
7 us-u.openx.net 4 redirects googleads.g.doubleclick.net
adpushup-d.openx.net
7 match.prod.bidr.io 7 redirects
7 ups.analytics.yahoo.com 5 redirects am-match.taboola.com
7 pr-bh.ybp.yahoo.com 3 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7 x.bidswitch.net 6 redirects imprammp.taboola.com
7 onetag-sys.com ad.vidverto.io
cdn.adpushup.com
public.servenobid.com
7 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
6 i.liadm.com 6 redirects
6 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
6 sync.1rx.io 6 redirects
6 ssbsync.smartadserver.com 5 redirects public.servenobid.com
6 um.simpli.fi 5 redirects ads.pubmatic.com
6 www.google.com tpc.googlesyndication.com
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 s.amazon-adsystem.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
5 sync.crwdcntrl.net 4 redirects ads.pubmatic.com
5 hal900026.redintelligence.net 1 redirects e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
hal900026.redintelligence.net
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 prebid.a-mo.net 2 redirects cdn.adpushup.com
5 htlb.casalemedia.com cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
www.bg3.co
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
4 pixel.onaudience.com 4 redirects
4 uipglob.semasio.net 2 redirects public.servenobid.com
4 pixel-eu.onaudience.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 creativecdn.com 4 redirects
4 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
csync.smilewanted.com
ads.pubmatic.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
4 secure.adnxs.com 4 redirects
4 pm.w55c.net 4 redirects
4 cdn.vidverto.io www.bg3.co
4 s0.2mdn.net imasdk.googleapis.com
www.bg3.co
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
s0.2mdn.net
4 rtb.openx.net cdn.adpushup.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 simage4.pubmatic.com ads.pubmatic.com
3 dis.criteo.com 3 redirects
3 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
3 cms.quantserve.com 3 redirects
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 ums.acuityplatform.com 3 redirects
3 match.sharethrough.com www.bg3.co
public.servenobid.com
cs-server-s2s.yellowblue.io
3 secure-assets.rubiconproject.com 3 redirects
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 trc.taboola.com cdn.taboola.com
3 e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 mwzeom.zeotap.com public.servenobid.com
ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 green.erne.co 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 am-wf.taboola.com vidstat.taboola.com
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 ice.360yield.com 2 redirects
2 u.openx.net 2 redirects
2 ads.playground.xyz cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 dmp.adform.net 2 redirects
2 csync.loopme.me 2 redirects
2 i6.liadm.com ssum-sec.casalemedia.com
2 p.rfihub.com 2 redirects
2 ce.lijit.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 ad.turn.com 2 redirects
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 googleads4.g.doubleclick.net www.bg3.co
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 pixel.tapad.com 1 redirects www.bg3.co
2 capi.connatix.com 1 redirects www.bg3.co
2 fonts.gstatic.com ad.vidverto.io
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 prebid.media.net cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 a.teads.tv cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 fonts.googleapis.com cdn.taboola.com
securepubads.g.doubleclick.net
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 ads.betweendigital.com 1 redirects www.bg3.co
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 stags.bluekai.com public.servenobid.com
1 cm.adform.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 sync.mathtag.com ads.pubmatic.com
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 ads.stickyadstv.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 sync.smartadserver.com 1 redirects
1 s.company-target.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 static.smilewanted.com csync.smilewanted.com
1 eu-u.openx.net adpushup-d.openx.net
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 www.youtube.com
1 id5-sync.com
1 sync.targeting.unrulymedia.com 1 redirects
1 shared.bannerflow.com c.bannerflow.net
1 mug.criteo.com
1 rr4---sn-1gi7znek.googlevideo.com
1 yt3.ggpht.com www.bg3.co
1 cdn.contentspread.net hal900026.redintelligence.net
1 audiencedata.im-apps.net dmp.im-apps.net
1 hal9000.redintelligence.net e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
1 ialaddin.genieesspv.jp www.bg3.co
1 ad.doubleclick.net e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 adx3.adform.net imasdk.googleapis.com
1 sync.taboola.com am-match.taboola.com
1 vidstatb.taboola.com www.bg3.co
1 am-vid-events.taboola.com www.bg3.co
1 hb.yahoo.net www.bg3.co
1 live.primis.tech www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 f28f00025ef74e8a36f5965b6cd3361f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 js.genieessp.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 prg.smartadserver.com ad.vidverto.io
1 inv-nets.admixer.net ad.vidverto.io
1 secure.quantserve.com cdn.adpushup.com
1 a4p.adpartner.pro 1 redirects
1 15.taboola.com cdn.taboola.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 us.shb-sync.com Failed public.servenobid.com
0 static.bg3.co Failed www.bg3.co
626 201
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-11-26		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 122 frames:

Primary Page: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Frame ID: 6BB95A34C208820D8B61CD9E3921820A
Requests: 224 HTTP requests in this frame

Frame: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F328C732E868F6A8E16DCD76E27515A6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3ExopvPPN_w_xXUJr2kygurqYRMoHwAckG-cCofpf6_Ou58fw0gt-hUz6G1aOUPDRgVTvfMAPWZOZkcdsIkN4sXmTb9cCJhlW24ytNKX6RkwZLON2S_rj-YtSlBZx9deb85pNyvbDvqqNJzrqWvaZ6ytSU1Cl20iN-Ikbg7CZV2yKRL0RWhRYwMMzA--UAaacc3N22WCqB4ctBoPlbxttJRKjolttr-RX2nRJJI1pCQkYs4wEPPaqAPdBBqQMKCnaDUBZE_hTumYuY4asFE9nsmV38EMCA_U0xyfbU0UaNJNUqIXy2qGFeEIvsswihIHwAg&sai=AMfl-YQPucUYPyCUmCJ-Bk1NicScccx7fBNfoyJtnjuNosKzyrX18JfKcTsUoGpby9JdN5_UNTJrZ3RW2Ao5XAqBfuSwH1tt_qre11rwN9gT44xLN1rW5e8d2YDpj8yexorzB9C40MRQlBuguLI2kihHDco&sig=Cg0ArKJSzIwgN0F0O1koEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 510094F1C0EA6108BB438570340EF7A0
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 53C754258599BC1259AFE874A2C02267
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AC3D29045A262A76A69D9A19E653FA12
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: D9DB9FE9F59A354822BDF79F999B45F9
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: B622A9A2EFD58F2C6E8C2B0746A20C35
Requests: 20 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: A6E816AF5847AA4D0EE736B9E402CE7D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: DC1848AA0DC3A4BE4B35A7C17CC7A2E1
Requests: 1 HTTP requests in this frame

Frame: https://js.genieessp.com/t/550/967/a1550967.js
Frame ID: EC899C1730293B4DBCD8E796CBDADD2F
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 2344DC6C5BEB33220CC6760367D94E2B
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 80226F5EC31B34E80ABCA5B7F9F1F340
Requests: 1 HTTP requests in this frame

Frame: https://f28f00025ef74e8a36f5965b6cd3361f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9B3958187A6A3065F3EC646C15349BCB
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1700263700390&uv=3358&tms=1700263700390&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9ff7d0cb-47a7-4166-8f32-f42d34074163&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8A3BBE419122EEB392C343068C3A8095
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: DC04AF410945ADFC59C90C30D1EBF1B6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Frame ID: 73A5A8E9718932F1DFE3F2E0A034EF13
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 1CB9A827A2811CD243CAB0C93128BF0B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A926D5010B70A11397842DA35B71B263
Requests: 1 HTTP requests in this frame

Frame: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA7E16A2FE3AD405946B25C4E104CBE1
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EAF4AAE9B9C815228CF722B75D518D5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE9EF36A7EA1365948180BF4BB05E301
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWV0Pbo_K31BUCPtOM26L15-sMCBxS8hnhhmWhST8-cvnb0VKSJDiUtdxJniY9rq1ragpkXd0UI11aqq6XnFMn_kfdNSA
Frame ID: 491E2844A83569CFEFEE78F2B0D70D40
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 45DC90E96F9B14E7997B724E9B002CA8
Requests: 4 HTTP requests in this frame

Frame: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8BC1E6938F48899A408BAD1CB891620
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNV76Er58snaS69f70Y5LC7kDRq2f7nNo5GsQVoXErHcct0TBveTDv05G4igKBNvTsYA6XTrRSm-6OtrGzyxJQ_vCM5O-A
Frame ID: EA13057691A25E5105069A1A9AF7E96B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F4CF13AACE73452958F3D0C0D4EAEBA
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 986B1DB9E8084E5575F3F7C5053F898F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 327364868E0CCF53B779C230C1CF4AA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C28312806AC76EF0C69C14B8A83767E2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 77E21D87ACDC81F9782130E11E33A3CB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 571CE7A9B3FE15A9678328283CD1BE51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 472EFB184B26F756694E3D33BDB9A889
Requests: 2 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=21765500001811404438446012512026&a=aa555b58
Frame ID: EA4924F0ED355795C49786BD1873ED2F
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: A47931DEA9C3E3DC9E93C418F74455FE
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5615771636367DF05CEAD7D1B2219E89
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Frame ID: 9206D6B64B7F397227241688CBBCE108
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 327D10244FA5D171D73D356BC14FF5B3
Requests: 8 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/e5653024-f932-472b-b3cf-cde8bf356bca
Frame ID: 982FFA393F7FB1D288626C5D3A754F0D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 3E687B65DB7B96DED2C9A2137D9AB25E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0111537E85726E12EE8EDD0E6CAE915E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB88A03EF3AA1B93FF408F652236774E
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: B3740A1E0254300F061E5DE14195A90B
Requests: 4 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: 3BAD78A412FB56243C3D64471B984066
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700263700273
Frame ID: 6814716C0EBF2FCDA23286574E17BB7C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700263700202
Frame ID: 60F0E3E57D29CD44EC976790AF5EC8AA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2A6E66A51DE800A2D900A94E7CE2AE20
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 6A0E2641E1A0F14C900C6EE365835F62
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 6C7B8A8F23829A647456BAFEBFEF1CB4
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: EE8556134435EEB2B46E1B9B6131DB5D
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 4BD5F581071F2ED329134FE10DD8A41A
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 37365551B2D882786424A75981BA9A1A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ABEF7C513CA7AD15814476F8945292A3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 96AF7F82C8B3A4AFD74C4BF65297EFE6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 25ACE4C5C73E0C8478B7A8AB44CA7344
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: F952A847AA79ABED0B25E17AFC37E82B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: ED0366EF5FBF9A7F6E4CD447A1E7EE45
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 7EDC6C1BBF1A9F3C114E3D1528C1FF01
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: FF7D1C29C4459D93228B560F21E5BE51
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 7DA86FEA3A3E05D213C605882DA514E2
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: C6EC6E7B91B6286ED7D709A43807F7B6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 9BDD42FEC23AE9981FB173AFAE674E64
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 980415FB2977469A0D580763582B805C
Requests: 23 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 5B8C42E1FB758D9F6D55E0BBA6BFD6C1
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: C0D37020B0717598BD23080E1AFA4A8A
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 484AF4B778B68BE665C35F0AC978F5E2
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C18AA4C64DA95A37B0BB8F096B041C6F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1663336969069035544
Frame ID: E49B2488BC13D7CC2E2EA592286519B8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/2555110911558640958
Frame ID: 07ED6E8289B5835C73FFF4782620C784
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP393VEY-13-34K2?gdpr=0
Frame ID: 5B1E66BC4E4E17B0F6D920862C2EEDB7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=278540316111714368&gdpr=0&gdpr_consent=
Frame ID: 0E7CAED6BBACD7D541F595E1219AAA7F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85OTkzYzdlMy00MjAzLTRiN2UtOTZhMy1iMGFmNTI3NzMzNjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: DB677A35762704CE796CB5BAC5D897DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 05FBC94938915ABE4F51A55EE4C29D5A
Requests: 6 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 879729FC4168322FF30DA518C868C065
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVf3GMCo8YMAANWxhqEAAAAA
Frame ID: 44245724B043FF189ADB4CBF52507B96
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=gumgum
Frame ID: F6196B2552034F77F954D7B008EB5D87
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 7CD316DD613219A42F74363F6A088839
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: BC5491C011A46C37546ADD95C7D9A674
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/6c6cefa7-471d-4687-925e-86eeb9775ac0&partner_id=1010
Frame ID: 5BA756E16D694BEDD15C252D6B72C3CB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/2679f436-0506-4200-a5ae-c9366bf1b1bb
Frame ID: 8B4D93B14C6D6E3577EB8CF5770406CC
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: A27C2C0DF055D70892D90B798D426100
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 352159EC4695937D5501C6B15FD9888F
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 336FE36B5FBAD9A99D1A8ACE32DA9D5A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&redir=true&gdpr=0&gdpr_consent=
Frame ID: 2554B5583F741A0CCE231C12BEDA6550
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 10F0B4EAA31BBABF692AA2A6085DA32A
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 55B2428637F48DFC5ED9CD19F43BA3CA
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 34E22BB594CCC73819890614C0D7EB7A
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 43AACA39FFD962466AFE1996ED7B96D0
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 3B47A4A6CC65BABD02EEC71E6465DD0C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: C3C9EC3213C5595CDD674A9C79D4EE1C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5c5f19e9c1f04c399048777a127ea838
Frame ID: 95FD7697F62F5C7359028A8BDE34C560
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 38E67579428EDB04779615B7A9DFE4FE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVf3GAAAbXMyrQBU
Frame ID: 0D9BB1B065B76A16D0B1732C8404EC53
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 546EA71151258EB9D79005985B989086
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 5F68D63B3F6B49DC864F17DCB1588EA4
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: A5D95FC6181B40F15AF9F8EDA824B2B5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4180569872145925036
Frame ID: B5F193EC4E62C9280F4A1F25DDAD1BFE
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: AE607048E51100745FA9ABA6C66824BD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1301E97652B47C1B262DC417F191EC8B
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: A9C08A35B999EDD6877FE11BB17B87B5
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 7717BD282138E883EBD8729CBEB9ACF8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/278540316111714368
Frame ID: CD173759817BE050FFA4C0751F5EBB6E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 8619A64A8AA5B03BF356BCA9703ACFE1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE?pi=smilewanted
Frame ID: 21F84A9C695EE643916961DC4AB3AEA8
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
Frame ID: E2DA0620ED573FFFD351F413CA8D616A
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 4251FA50C1A923D9DB0521FF2AADF7B7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EE7699093C10CFFD7881C9140D2EF241
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 2448E94DB53BF891EBF16263CB8FFE6E
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C0E5BA2AAD59367F9CAE92BEB923B949
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 34226F30AB2529F6A01E8E78671C8FE7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7307421453
Frame ID: 079EB7E5B024B1AADDBD6EDA2FBE7451
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: F5FE09D765F451D561F70C20FA0F9A92
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
Frame ID: 691E6705994E52D5ECB8CE3042679868
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 5B498DD871EE3F8174BEA9E46111F5A8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4652069C706E2B468C93F20C30DD20FB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 4B3F892637764E2E1A632B681EB77162
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3CF3086480446CDF4402B664C358A4B1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 438519A8ADF9120F106BC72208A06335
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3840952888
Frame ID: CB277C9FC10BF705792BC1479D16AF21
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: D85DBA5F8D6A4DA55AA7A19770BB5E5D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 7D97EE4EB745C6A56BE626BAF26DBE10
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 9409EF7FB97FC8E65BCBA90D2646944A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Frame ID: 7FDE6D78905340DF8F80D6FE58C0A9F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

《敢達決戰》2.0版本先鋒測試正式開啓 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

626
Requests

76 %
HTTPS

28 %
IPv6

120
Domains

201
Subdomains

128
IPs

17
Countries

5430 kB
Transfer

22980 kB
Size

204
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 89
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=8409e5b5-cc54-4059-b7b1-b1c4a5d37885&p_id=23
Request Chain 90
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=3e6dc184-c3ac-42f1-802e-bca5e8773876&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=3e6dc184-c3ac-42f1-802e-bca5e8773876&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=3921345365013208513
Request Chain 112
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 207
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP393VEY-13-34K2 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP393VEY-13-34K2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 225
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP393VEY-13-34K2
Request Chain 227
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=x8nzNW1qQ0OQLAR35Vsl-g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=x8nzNW1qQ0OQLAR35Vsl-g
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA7N95yhSwVqFyy8Gb_uY9w&google_cver=1
Request Chain 229
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Bd2vmEiIRPGYqHkZbtQLEg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Bd2vmEiIRPGYqHkZbtQLEg
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DGKxtr0nr4ZePCDQ3U826sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QaYJ4zNE2oJEpJGNxamR.Rozl4KW60r5_UNliw--~A
Request Chain 231
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZmN2U0MTM3MjI0YjJlMzBlY2YzMjA2MTdjYTM3YzQ4MzM5ODBjYQ
Request Chain 232
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAzOTNWRVktMTMtMzRLMg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgwm2P1dze4FsPDnYMWknY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzOTNWRVktMTMtMzRLMg==&google_push=
Request Chain 233
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP393VEY-13-34K2&ex=d-rubiconproject.com&status=ok
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADJOU7Kr-4AABUq5wrxPg&expires=30
Request Chain 235
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP393VEY-13-34K2&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP393VEY-13-34K2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 236
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP393VEY-13-34K2
Request Chain 237
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP393VEY-13-34K2
Request Chain 238
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP393VEY-13-34K2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP393VEY-13-34K2
Request Chain 239
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP393VEY-13-34K2&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP393VEY-13-34K2&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1iWi5JNTRCRTJ1SHhqNzNUMVV5cldFMUE4ZmJVYjJIQ35B&ovsid=LP393VEY-13-34K2&dpid=58160
Request Chain 240
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP393VEY-13-34K2
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&C=1
Request Chain 263
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVf3FXv2.3cGhZO-l-xfEwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&google_hm=2
Request Chain 268
  • https://pr-bh.ybp.yahoo.com/sync/taboola/56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-7Q2VkYhE2oQwr3B1njXypJJ7oRABNgB66XRn9g--~A
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJcWd79BewZmjR1xvJaVtDM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcWd79BewZmjR1xvJaVtDM%26google_cver%3D1
Request Chain 307
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAxMTQyNDIzNTY4NjAxNjA4MQ%3D%3D
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
Request Chain 309
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY1Y2U1NmEtZmMxNC0yMjNhLWY2M2ItNTQ2M2RmYWZkN2E5
Request Chain 315
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmRuOpgtp1k9C0CCSV4ZZj-LnMi_l25P-f7dpRU7CEmjJdDemfWY9wbwUnbCIh_F_B9Mfkr2-ZHLRZ33-ZqsMj8T3c-rbw8bJwak132BhhGFPxPLncauAfpfNDkpyFw_77j9Y4vD-eV0p-sve_rInB0a HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmRuOpgtp1k9C0CCSV4ZZj-LnMi_l25P-f7dpRU7CEmjJdDemfWY9wbwUnbCIh_F_B9Mfkr2-ZHLRZ33-ZqsMj8T3c-rbw8bJwak132BhhGFPxPLncauAfpfNDkpyFw_77j9Y4vD-eV0p-sve_rInB0a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmRuOpgtp1k9C0CCSV4ZZj-LnMi_l25P-f7dpRU7CEmjJdDemfWY9wbwUnbCIh_F_B9Mfkr2-ZHLRZ33-ZqsMj8T3c-rbw8bJwak132BhhGFPxPLncauAfpfNDkpyFw_77j9Y4vD-eV0p-sve_rInB0a
Request Chain 316
  • https://um.simpli.fi/gp_match?google_gid=CAESEGnHlKRRpC7LShq6n2wU4gI&google_cver=1&google_push=AXcoOmQjOZvTbo2MMbp8aJtorMQa6XXjd4uQCmeibqWRUJIOvST71Iku139klXT8NwaaiOWmtaCM_D04n-7N9I_fYOmwBGiWVWWLoI2L1tbfIAkR2UeL1I6hOhcLynuNlYPj6xTnxup185bXpmS762fpmZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmQjOZvTbo2MMbp8aJtorMQa6XXjd4uQCmeibqWRUJIOvST71Iku139klXT8NwaaiOWmtaCM_D04n-7N9I_fYOmwBGiWVWWLoI2L1tbfIAkR2UeL1I6hOhcLynuNlYPj6xTnxup185bXpmS762fpmZQ
Request Chain 317
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJt4QpbQi1cou9jyE_L_KxM&google_cver=1&google_push=AXcoOmRvPc3YHImgBOrhEgF-CDYP1ZSuDjDf_ZTKIItqrrRIGBTRqa7iskDmvsFG0FbcwmalOoRcdxL51GsqeaEwint7h7vUPPIxclovesmaH9USBrecW9vZkp1how8PA8OcmIK1XG6CybFpCREDOqYQ7vs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
Request Chain 318
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K7v0U8ACpZXQOaU160_g6TnJseCgMB6X5rpI8bnpFZ7I0QHTr3IoESLZUQ96GSGOaRreQzhz5pVJDm8A5m HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K7v0U8ACpZXQOaU160_g6TnJseCgMB6X5rpI8bnpFZ7I0QHTr3IoESLZUQ96GSGOaRreQzhz5pVJDm8A5m HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K7v0U8ACpZXQOaU160_g6TnJseCgMB6X5rpI8bnpFZ7I0QHTr3IoESLZUQ96GSGOaRreQzhz5pVJDm8A5m
Request Chain 319
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_cver=1&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7wOYXacj70USKg9aYfBlv2BU98s4LyRQ8pKqckxIjsM1jVbgKv0tVYKQkwhN3E2aPwnOLL3v HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7wOYXacj70USKg9aYfBlv2BU98s4LyRQ8pKqckxIjsM1jVbgKv0tVYKQkwhN3E2aPwnOLL3v&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7wOYXacj70USKg9aYfBlv2BU98s4LyRQ8pKqckxIjsM1jVbgKv0tVYKQkwhN3E2aPwnOLL3v&google_hm=WWxFWUlhZ3RBNEVzN2tScC14QjI=
Request Chain 320
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM740JeQKVDqmg2I1AmrMy0&google_cver=1&google_push=AXcoOmQnlirDdu2IBYuy7FF_CAal8oEhcLfXMcekUutNnD4r2pJftoTkBH5bTyWd0abC0kweD72gLiQiO7vcZJy8W81Gq7j99w4GRn7LXvOhyERHcmsTWysAJw7utd96nAs4FOrDc9fhOkzReGoRCOtWy10T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQnlirDdu2IBYuy7FF_CAal8oEhcLfXMcekUutNnD4r2pJftoTkBH5bTyWd0abC0kweD72gLiQiO7vcZJy8W81Gq7j99w4GRn7LXvOhyERHcmsTWysAJw7utd96nAs4FOrDc9fhOkzReGoRCOtWy10T&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
Request Chain 324
  • https://hal900026.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=84a024f24a&subid=&uid=c7a972e3b0e02511&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6pZEFPdXZa_XIsqwjuwPh4KTwAuRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAgB3GZzURLI-qAMByAObBKoElQJP0MuAmbni0qRdAl2GQ15mfJqI8jBT1EXLmBaN8QGTUSyxI2DIL1LWDQlRV3ErfFUQN2xZhcZcYjfHpd02WbYpYVcgxVa_h3w9SzfyL5M-jaer2oq7oE4trf7asYFUPk2cylZiVItmQl-50fmEMzQCfc_KeY6ZkT0MYqDWMVjGDLnhUTl_UskokwgmgjiVCGJiya8Y7YsC7x_tznb6L_IMT7liQArEj7nLjzgQAodvL-ez8eSZ6BOubOUQryLo4rG2VX5RxTxrCxgoYilh5v9iF5TfVwPvQ8HJADU9BGw2hW3HmjOxpzL-yoqZHv3xYcMeQ2i2fjdoUdGMsigM7326qt8ogxzdcIgMoah1TwNF_nBjkP_2wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjSmpXvl8yCAxVKmIMHHQfBBLiwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE%26sig%3DAOD64_3xDkeHHdnKrkP34zL7BjtLu2G2pw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CdRn7msXOEYnftea3QbCUVnoG3r-rQc2EDLIbEfzrNWh9FW93SCO7y_M-9TZQoXl6kiyPsHiHLGx_0wTXvLuNxNmZV3ckUXPRwffhLq49Qw9sRXxzSgu1t_WbKYlENTu5AlpldCPsZf--1L7-7XHqj3E_DtXCB_i03u_8EIYlvip9f7gI%26cry%3D1%26dbm_d%3DAKAmf-B8_CuodcRBauxTE69TYKyNvCJmF4Eq6_zinXqVVdmO9XEpu2KCO9bgga3KZmrhlNus8j0iwaOy88htQ6F1H0ERMIbaW46ZqaCn61mI6SmDiTFCiYfiwA9Sls60SL-MTAsDtw4CP9ymZbhcKNakahRHgr8a9E0wgzby-qS5fif0lyHWBS61bWogaN6XXCKm3tz2HHSulzU1Ltcxzb3NJyDfI-nByTKDBBCgkxklffCK1TiSg2zoSeaKmcQL9LzCK2ck5lz8wZJXwXpqunIN8CYWCK_w8cBuJsKt4MpYYQE44VEsG6NN6xuX2nghb3WV1UfUcEJZLaE7AUE35o06PvT7PZl_PfRgVQrqqAcsDtdjvNDdNT3r-Kw4BkERKzatsVuLN83hdOmTp6KeIRRVoiTo3rYg2PTxZjCeJVpWwmF42oH0grM32tvnuTSxeaJTcxsvz4XKPnusBocjPDd9Pq5ZqXtVoCmVegdflj4nhoRPSbRYZrZMqfX59OfejAEVW-5Wcir3LoWHsK8SqlZOEPrTq0dyhhiUTkKCMUSv200XjH5KV9PJ9qYQlgdo9X3emWShRzuBjnQ5Zo8pRFy64nCbLs9mL0ZYMOcrowfvFRCfKr1ckfbytQxiMQpdKfOJWBHa_rdB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7219934115838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900026.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=84a024f24a&subid=&uid=c7a972e3b0e02511&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6pZEFPdXZa_XIsqwjuwPh4KTwAuRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAgB3GZzURLI-qAMByAObBKoElQJP0MuAmbni0qRdAl2GQ15mfJqI8jBT1EXLmBaN8QGTUSyxI2DIL1LWDQlRV3ErfFUQN2xZhcZcYjfHpd02WbYpYVcgxVa_h3w9SzfyL5M-jaer2oq7oE4trf7asYFUPk2cylZiVItmQl-50fmEMzQCfc_KeY6ZkT0MYqDWMVjGDLnhUTl_UskokwgmgjiVCGJiya8Y7YsC7x_tznb6L_IMT7liQArEj7nLjzgQAodvL-ez8eSZ6BOubOUQryLo4rG2VX5RxTxrCxgoYilh5v9iF5TfVwPvQ8HJADU9BGw2hW3HmjOxpzL-yoqZHv3xYcMeQ2i2fjdoUdGMsigM7326qt8ogxzdcIgMoah1TwNF_nBjkP_2wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjSmpXvl8yCAxVKmIMHHQfBBLiwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE%26sig%3DAOD64_3xDkeHHdnKrkP34zL7BjtLu2G2pw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CdRn7msXOEYnftea3QbCUVnoG3r-rQc2EDLIbEfzrNWh9FW93SCO7y_M-9TZQoXl6kiyPsHiHLGx_0wTXvLuNxNmZV3ckUXPRwffhLq49Qw9sRXxzSgu1t_WbKYlENTu5AlpldCPsZf--1L7-7XHqj3E_DtXCB_i03u_8EIYlvip9f7gI%26cry%3D1%26dbm_d%3DAKAmf-B8_CuodcRBauxTE69TYKyNvCJmF4Eq6_zinXqVVdmO9XEpu2KCO9bgga3KZmrhlNus8j0iwaOy88htQ6F1H0ERMIbaW46ZqaCn61mI6SmDiTFCiYfiwA9Sls60SL-MTAsDtw4CP9ymZbhcKNakahRHgr8a9E0wgzby-qS5fif0lyHWBS61bWogaN6XXCKm3tz2HHSulzU1Ltcxzb3NJyDfI-nByTKDBBCgkxklffCK1TiSg2zoSeaKmcQL9LzCK2ck5lz8wZJXwXpqunIN8CYWCK_w8cBuJsKt4MpYYQE44VEsG6NN6xuX2nghb3WV1UfUcEJZLaE7AUE35o06PvT7PZl_PfRgVQrqqAcsDtdjvNDdNT3r-Kw4BkERKzatsVuLN83hdOmTp6KeIRRVoiTo3rYg2PTxZjCeJVpWwmF42oH0grM32tvnuTSxeaJTcxsvz4XKPnusBocjPDd9Pq5ZqXtVoCmVegdflj4nhoRPSbRYZrZMqfX59OfejAEVW-5Wcir3LoWHsK8SqlZOEPrTq0dyhhiUTkKCMUSv200XjH5KV9PJ9qYQlgdo9X3emWShRzuBjnQ5Zo8pRFy64nCbLs9mL0ZYMOcrowfvFRCfKr1ckfbytQxiMQpdKfOJWBHa_rdB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7219934115838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 345
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmSEOtXvvpVbhCanyBeQy9Lp2o5vpXFAd7-fiGFu7QsLoBSl2vKJxJNabUsoQKHuSaEzZrisHJyInjfSb8eajDmMfXXjpd72 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmSEOtXvvpVbhCanyBeQy9Lp2o5vpXFAd7-fiGFu7QsLoBSl2vKJxJNabUsoQKHuSaEzZrisHJyInjfSb8eajDmMfXXjpd72
Request Chain 346
  • https://um.simpli.fi/gp_match?google_gid=CAESEGnHlKRRpC7LShq6n2wU4gI&google_cver=1&google_push=AXcoOmRvgH-CuJudmG-LOH2MK1atp20lAYVhKoWYblNAgc4rRtMS9EtCXZ25oDm-Ni7OHt5xgGkjm1z5OjgvI_1XMiyzJfinQ4c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmRvgH-CuJudmG-LOH2MK1atp20lAYVhKoWYblNAgc4rRtMS9EtCXZ25oDm-Ni7OHt5xgGkjm1z5OjgvI_1XMiyzJfinQ4c
Request Chain 347
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJt4QpbQi1cou9jyE_L_KxM&google_cver=1&google_push=AXcoOmSEbnUwqIg4xH5FN7f6kxEo-Td-VLDaksf0etMsG-JC9eLnpv29rkGSZmjugy0Fi2OHO9grTtZSxKIxYALwIRxAFIMscOpH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
Request Chain 348
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmTKI_-4fPY9iruroLWzNG2F7GsZMjP9OWiZ-W_0eumOQCelmRemwp2fHl8_7CtSXJKzlQUk2cE6LbcZxiCwy8xthDYbgA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTKI_-4fPY9iruroLWzNG2F7GsZMjP9OWiZ-W_0eumOQCelmRemwp2fHl8_7CtSXJKzlQUk2cE6LbcZxiCwy8xthDYbgA
Request Chain 349
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_cver=1&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66k-l6GTLh2BlCTta HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66k-l6GTLh2BlCTta&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66k-l6GTLh2BlCTta&google_hm=cGZ0ZHdjOVplbW1VNkl6ZndSZHY=
Request Chain 350
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM740JeQKVDqmg2I1AmrMy0&google_cver=1&google_push=AXcoOmSb4EhF1PM2GpQIHjdTsiuKFAgk4R3UOIm4a48DIAbwrowzgtq_EvAbt8A-YvjISTj-QrF2swuDhpo81POsmjGLDXeOdwxY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSb4EhF1PM2GpQIHjdTsiuKFAgk4R3UOIm4a48DIAbwrowzgtq_EvAbt8A-YvjISTj-QrF2swuDhpo81POsmjGLDXeOdwxY&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
Request Chain 374
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmTZLGJKi7YaQdXRx1saejLSkEchDcx24altKqH7NUb-nxLYla8iZIomrrGA790b4KjnZYHlYzusT__z6PSi4dqPHO8EbnU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmTZLGJKi7YaQdXRx1saejLSkEchDcx24altKqH7NUb-nxLYla8iZIomrrGA790b4KjnZYHlYzusT__z6PSi4dqPHO8EbnU
Request Chain 375
  • https://um.simpli.fi/gp_match?google_gid=CAESEGnHlKRRpC7LShq6n2wU4gI&google_cver=1&google_push=AXcoOmTTYsgse7HKi1TY30RSNU-wR3ewiXx-bliNDrPHsT-tuy59hgv5qQxVRxyRO1TbR_c2s2wFotJJ53llmxEXYX1sred9YRQo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmTTYsgse7HKi1TY30RSNU-wR3ewiXx-bliNDrPHsT-tuy59hgv5qQxVRxyRO1TbR_c2s2wFotJJ53llmxEXYX1sred9YRQo
Request Chain 376
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJt4QpbQi1cou9jyE_L_KxM&google_cver=1&google_push=AXcoOmQUqynapSwQAPiZLvIb2uWRktfd8PDagW1koxRwDvVMyfdJGmHe-udyczjK9D5jY_zEXCiWVoLm5rMzASvfGfSUGzjQrW-n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
Request Chain 377
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmQp5uDZC5UE1lpik9Z5YnoXRB3kDHkouZKq6r3EHuVaflCF6L5jE02ZVZu5IQKWpXxDzgpRnRJBLL6Y8TCvAFkw4Opn9dFl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmQp5uDZC5UE1lpik9Z5YnoXRB3kDHkouZKq6r3EHuVaflCF6L5jE02ZVZu5IQKWpXxDzgpRnRJBLL6Y8TCvAFkw4Opn9dFl
Request Chain 378
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_cver=1&google_push=AXcoOmR-cnpRw9YxZPgyRg5DUM7AiNBi0MzhG1qSI4BrkmMolKTKfdIPnBHEi2EXMdggwguGZL5VkkV5UsTcZhATcCjwqGMASu7C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR-cnpRw9YxZPgyRg5DUM7AiNBi0MzhG1qSI4BrkmMolKTKfdIPnBHEi2EXMdggwguGZL5VkkV5UsTcZhATcCjwqGMASu7C&google_hm=WWxFWUlhZ3RBNEVzN2tScC14QjI=
Request Chain 379
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM740JeQKVDqmg2I1AmrMy0&google_cver=1&google_push=AXcoOmR_m1nKnSSVsHpmjAnIr7scx309UYToj2VCfAvuhhVkN2X3MwiY8r-MPQBb1eb8_6C1lvDx978ri4LHmVzi5aybuh8giAEr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR_m1nKnSSVsHpmjAnIr7scx309UYToj2VCfAvuhhVkN2X3MwiY8r-MPQBb1eb8_6C1lvDx978ri4LHmVzi5aybuh8giAEr&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
Request Chain 408
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7Pyi2Xw3WkJ5ME9HUDBvYllHRk55RFpQU1dMVmRlVWdiUkp1d3FGQVVlcllJRHRTUTZYdVZGSkFQY0sxZzZwZWM3WXRoV2w3RmVxVEk3VmIzSlZrWVhJYmNwRWhTVlhTL2dua204OHQ5RVBncVlXemRzUUlVeHVEQW9HbnNxMFRqNWwvZmtYUjZ2VVhsMmJ6cFFjQ2kvbWNSM3o5d1dZL0FBT1FLbUpUMWxVaVV0QTZDRzZSeThCMDJNU3kxR3c5bTlGZ2VmRzJjZ1ptOXRPRFlxaFFsK2c2WGlZTUNGWFIxekpOYlR4RjFvanRnQ3EyRkZRYk0vUnJGRGFFaGYyTXJCZm9KcS9MT1VaNXBURjRFdFJmcUZwckpnZz09fA&cppv=2
Request Chain 422
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1700263703447 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1611320593 HTTP 302
  • https://sync.1rx.io/usersync/turn/2929884510537599797?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-606259ae-6f51-4f37-813b-009fea21eac2-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-606259ae-6f51-4f37-813b-009fea21eac2-003 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-606259ae-6f51-4f37-813b-009fea21eac2-003
Request Chain 423
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7302576998970161295&gdpr=0&gdpr_consent=
Request Chain 424
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2555110911558640958&gdpr=0&gdpr_consent=
Request Chain 426
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA==&gdpr=0&gdpr_consent=
Request Chain 455
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zHJuE5xwahDXJT4QwyF2E890PR3Xc2sRnibiPvlA
Request Chain 456
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=278540316111714368
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
Request Chain 472
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 477
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2555110911558640958
Request Chain 478
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HrIApRZHJOrA5u9dQAW1vBrf
Request Chain 480
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8549681619
Request Chain 481
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5133329528853638736
Request Chain 482
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=09d493bf-dc1b-4b5f-b2d6-7b1a767cd2fa
Request Chain 483
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 484
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
Request Chain 485
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYfOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYfOAE=&buyeruid= HTTP 302
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYfOAI=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
Request Chain 486
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
Request Chain 488
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBz-QmTDOCwCY0F4_zI8xmo&google_cver=1
Request Chain 492
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7ff4a4fdb7b04edb950805117b2b743d HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
Request Chain 493
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1663336969069035544&gdpr=0&gdpr_consent=
Request Chain 494
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=V5BRCgeSVQlMxwEJWMNJClSWAgRMkVQIBcSpBEbf
Request Chain 495
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6d467b04-b55a-46f5-96ca-b771ab0d01ab&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 499
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=278540316111714368&gdpr=0&gdpr_consent=
Request Chain 500
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=1663336969069035544&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 501
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGn5MHN08UdJwGoMHGMDihE&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 502
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDM4MU9neU9vdlRROXl5MzhwaVgtT0JTQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGwzODFPZ3lPb3ZUUTl5eTM4cGlYLU9CU0EiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGwzODFPZ3lPb3ZUUTl5eTM4cGlYLU9CU0EiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGwzODFPZ3lPb3ZUUTl5eTM4cGlYLU9CU0EiLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=278540316111714368&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGwzODFPZ3lPb3ZUUTl5eTM4cGlYLU9CU0EiLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=l381OgyOovTQ9yy38piX-OBSA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=1663336969069035544&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 503
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=db469af76509401aa31d23df13b30040 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
Request Chain 504
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2555110911558640958
Request Chain 506
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJOU7Kr-4AABUq5wrxPg&expiration=1701473303
Request Chain 508
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&tc=1
Request Chain 509
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1849801caeaf1601&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI8nXiysNkDAMSKZPiAAAAAAA&expiration=1700350104&is_secure=true
Request Chain 510
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715988503&external_user_id=80205082-33a9-499d-9ef8-0cdb4853a0b9
Request Chain 513
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1663336969069035544
Request Chain 515
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/2555110911558640958
Request Chain 517
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2555110911558640958
Request Chain 518
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9993c7e3-4203-4b7e-96a3-b0af52773368&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=180ee2e2-52f1-4e64-ba7a-077a439fceed&expires=1&user_group=2&ssp=gumgum2&bsw_param=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 519
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=740e92d0-1d76-44c8-84a0-1e37dd1d188f
Request Chain 520
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Request Chain 521
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LLXAjiFE2pfSrvLtphSFqL.fsSnWdgbjAIqd~A
Request Chain 522
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=520b46d2-95a0-492a-b34a-5b2340d16ae6
Request Chain 524
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9993c7e3-4203-4b7e-96a3-b0af52773368&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=pftdwc9ZemmU6IzfwRdv&gdpr=0&us_privacy=1---
Request Chain 525
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=mbziMJI6UouZ&ev=1&pid=558355
Request Chain 526
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1663336969069035544
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP393VEY-13-34K2?gdpr=0
Request Chain 530
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=278540316111714368&gdpr=0&gdpr_consent=
Request Chain 535
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVf3GMCo8YMAANWxhqEAAAAA
Request Chain 536
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=gumgum
Request Chain 537
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 539
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP393VEY-13-34K2 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LP393VEY-13-34K2
Request Chain 540
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 541
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3909430889404006262820
Request Chain 542
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=d4b8c92f0e499d543086eb32635e6a2a
Request Chain 544
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 545
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a6ad4a4-4af1-43ca-9b43-172d554e932c
Request Chain 546
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276
Request Chain 549
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/6c6cefa7-471d-4687-925e-86eeb9775ac0&partner_id=1010
Request Chain 551
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/2679f436-0506-4200-a5ae-c9366bf1b1bb
Request Chain 555
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=1d1dd33f8844fbe76c1295526242d9&gdpr_consent=&gdpr=0
Request Chain 556
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 559
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 561
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sbDS0uGy1tGq54LRvuPK0rK2gdyqsdfQ4-RP1JaP HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 562
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2555110911558640958&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 563
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302576998970161295&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 564
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1S6dFtTSV3lGVnbORI-b58POaYM&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 565
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf43bc52-dcf0-4efe-82a4-8f5ea5795863&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 566
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESk9VN0tyLTRBQUJVcTV3cnhQZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADJOU7Kr-4AABUq5wrxPg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1663336969069035544&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADJOU7Kr-4AABUq5wrxPg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1663336969069035544%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1663336969069035544&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADJOU7Kr-4AABUq5wrxPg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADJOU7Kr-4AABUq5wrxPg&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 567
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5c5f19e9c1f04c399048777a127ea838
Request Chain 568
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 569
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVf3GAAAbXMyrQBU
Request Chain 571
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 573
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4180569872145925036
Request Chain 574
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528853638736 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 578
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K6m2ugtWQX-Nev5wRbwdmQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 579
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=&ct=y
Request Chain 580
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=374908773
Request Chain 581
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=278540316111714368&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 582
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkJBOUI2QkEtMEI1Ni00MTdGLThEN0EtRkU3MDQ1QkMxRDk5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 583
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3DhzoPqLzMm-1bvI5zdtc&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 585
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=278540316111714368 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 587
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-20RtAmVE2uXiUuaxlKIO9vKad4aURXs-~A&gdpr=0
Request Chain 589
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4e4df382-450d-4665-bb20-69a5144f6041-6557f718-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 590
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ff94fd1cb4b192f&is_secure=true&networkId=17100&version=1&nuid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIEe3SDt8pmwN5mCDEAAAAAAA&expiration=1700350104&nuid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 591
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2929884510537599797&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 592
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c9bda919-a080-4efb-b4db-b3c9a9196e15&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Request Chain 594
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/278540316111714368
Request Chain 595
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 596
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP393VEY-13-34K2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LP393VEY-13-34K2
Request Chain 597
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE?pi=smilewanted
Request Chain 607
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 608
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=12651161410d7ddf/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbXUVbbUbWbaQTQQM%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=312159bcbe2c79d262bab24aefc73d7e&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbXUVbbUbWbaQTQQM%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbXUVbbUbWbaQTQQM&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 610
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8137914E08E64EA796299417CD1DED1B&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 611
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7307421453
Request Chain 614
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 615
  • https://pixel.onaudience.com/?partner=214&mapped=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 618
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 619
  • https://pixel.onaudience.com/?partner=214&mapped=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9dcb3bec47f4b368/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=312159bcbe2c79d262bab24aefc73d7e&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=fae89c839ea76a6b
Request Chain 622
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 623
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRQjhYhnjWTMWhYUS%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=312159bcbe2c79d262bab24aefc73d7e&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRQjhYhnjWTMWhYUS%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRQjhYhnjWTMWhYUS&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 625
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8137914E08E64EA796299417CD1DED1B&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 626
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3840952888

626 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
www.bg3.co/a/ 		61 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a4d1ad5d1f7380bc07011ef78876519ca67b45de3d2495f2e7188a475d38fb2d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:17 GMT
etag
"f4d1-Bz6WuFFa03ra5JKuXuF1vnJ4fqM"
expires
Fri, 17 Nov 2023 23:29:17 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 23:28:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Nov 2023 23:28:18 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 23:28:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Nov 2023 23:28:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76cfefaf3bf8a56c4681cd2a71288510956d2c0f4d59b7651d48bc6539af6582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31447
x-xss-protection
0
server
cafe
etag
869 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:18 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c6692d01d88f7c0690d2eb50f44f20dc74deca9c693cbd4545191281c5740b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91430
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 23:28:18 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 12:16:54 GMT
server
cloudflare
age
30932
etag
W/"655759b6-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
827bbfd22ace9293-FRA
expires
Sat, 18 Nov 2023 02:52:45 GMT
adRecover.js
delivery.adrecover.com/43519/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
ffe8a12a76c3f3e490a9140c77642f82cf94d181a29a86371a964d8facf78507

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
br
age
54040
x-cache
HIT
x-client-device
desktop
content-length
11366
x-ap-device
DESKTOP
last-modified
Fri, 17 Nov 2023 07:59:26 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Sat, 18 Nov 2023 00:28:18 GMT
adpushup.js
cdn.adpushup.com/42753/ 		758 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
71f4499efa56831796e734d4e39cbc3943f9cc94d43498ae41b4cf7a85c15583

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 18 Nov 2023 00:28:18 GMT
date
Fri, 17 Nov 2023 23:27:16 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Fri, 17 Nov 2023 20:11:20 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f32ec7a452af020a426f77bb326ece4e42276a194b650aedd1287ee054fda884

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KUWczeTzdo6sr4mnjSRd0RN7yEgLl3Bu
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:18 GMT
x-amz-request-id
MPTBNY5GA2PYKST9
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
56768
x-amz-id-2
jDBsByr7SaNi7bRhBg1B+HP7AN2+huwBzKnJtZlr5aPX2PzINgH19CcAXkFI1BCy9zCmA6bxf3I=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 11:45:45 GMT
server
AmazonS3
x-timer
S1700263698.256219,VS0,VE103
etag
"9723a2eed02dc84d9d9896aba7dd77f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
64
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7407
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Rlnp3m%2BCV7NknyAw8UmCVmG4BkzKVFYDY2M01621iKlCwxbEIwMl9wOKuNu%2BbNXhswZIJpx9eFlTox4%2Fct2t5%2F2E4l2AV6glhRMdM15dFkQwcXFAoJ6yCMMF36D327Cf7a%2BKCSB70YIaxKUmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
827bbfd5b9869bc4-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
t.php
c.statcounter.com/ 		192 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=2482108486E24F3DFEB922664C45DF59&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&t=%E3%80%8A%E6%95%A2%E9%81%94%E6%B1%BA%E6%88%B0%E3%80%8B2.0%E7%89%88%E6%9C%AC%E5%85%88%E9%8B%92%E6%B8%AC%E8%A9%A6%E6%AD%A3%E5%BC%8F%E9%96%8B%E5%95%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1600&sc_rum_e_e=1607&sc_rum_f_s=0&sc_rum_f_e=1596&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
827bbfd28af29293-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
22725
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Nov 2024 17:09:33 GMT
48c0807d9a2e6bef716655ccace4d7eb.jpg
static.bg3.co/imgs/202107/ 		0
0
16bba131d6e149e27697afb2d421b4dc.jpg
static.bg3.co/imgs/202105/ 		0
0
e0895f7cdaa1a66e40fd964869890c9d.jpg
static.bg3.co/imgs/202105/ 		0
0
fd22dbe7c94fc7e1c2d06a15ef4d2072.jpg
static.bg3.co/imgs/202105/ 		0
0
ba69c029a6049e821a45da5e8aee1274.jpg
static.bg3.co/imgs/202105/ 		0
0
d0e89ce3120427c749974a15bbe8deca.jpg
static.bg3.co/imgs/202106/ 		0
0
c719679c3270cad9f27bc5a5e729ca28.jpg
static.bg3.co/imgs/202105/ 		0
0
3d71ad34ba56dfd6127c32d1e71c51bf.jpg
static.bg3.co/imgs/202010/ 		0
0
74c977c2f3de92985dec876b8398ca81.jpg
static.bg3.co/imgs/202010/ 		0
0
c13ad7e7af494ab6c7e1bc5d3e412ea0.jpg
static.bg3.co/imgs/202011/ 		0
0
04bd565cee9337d9c1d8c24f8fe1ee08.jpg
static.bg3.co/imgs/202107/ 		0
0
58304054c4a68c51f4e77cf1379af18a.jpg
static.bg3.co/imgs/202107/ 		0
0
12983d323b5fdfee60dc54bf292bf00a.jpg
static.bg3.co/imgs/202106/ 		0
0
d7ac9772fb683093975f986a6c80eb69.jpg
static.bg3.co/imgs/202105/ 		0
0
8f0b39b49857a64a25a86eeec97cbd90.jpg
static.bg3.co/imgs/202110/ 		0
0
ba19093f6b9cb2df1acd994d7848294a.jpg
static.bg3.co/imgs/202107/ 		0
0
039e313ead082743e918ac3b4f632158.jpg
static.bg3.co/imgs/202106/ 		0
0
713f2629c280e8f3218e262daf8f006e.jpg
static.bg3.co/imgs/202105/ 		0
0
2d4cb66182285ee99885dffade890deb.jpg
static.bg3.co/imgs/202105/ 		0
0
54366f32bf3073534ad0992501c6934d.jpg
static.bg3.co/imgs/202107/ 		0
0
a4e8b02f879e3ab653f7c04b2925c661.jpg
static.bg3.co/imgs/202105/ 		0
0
2ca597252fe04185cbfc71f7c9ed0e49.jpg
static.bg3.co/imgs/202107/ 		0
0
327d96457ddbcc3cd92f314514f7b658.jpg
static.bg3.co/imgs/202107/ 		0
0
ad3a03ec27396fe5e8da35faffd4020b.jpg
static.bg3.co/imgs/202106/ 		0
0
ea0cb1da103638eb9640da79b81bd0f5.jpg
static.bg3.co/imgs/202107/ 		0
0
c9123cdb9f8a818bb34490dc415536e8.jpg
static.bg3.co/imgs/202107/ 		0
0
9e76db7a3f418121d8300d55c7e94356.jpg
static.bg3.co/imgs/202105/ 		0
0
9f07ebc1381536e6833290e0b43de2b5.jpg
static.bg3.co/imgs/202107/ 		0
0
752caee10314d093df6d6fb8d14816b4.jpg
static.bg3.co/imgs/202107/ 		0
0
5a5b759da5b3c06744405a920d82672a.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 19:10:15 GMT
age
15483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 19:10:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 15:59:38 GMT
age
286120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 15:59:38 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700263698186&gcd=11l1l1l1l1&dma=0&cid=1983550272.1700263699&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700263698&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=%E3%80%8A%E6%95%A2%E9%81%94%E6%B1%BA%E6%88%B0%E3%80%8B2.0%E7%89%88%E6%9C%AC%E5%85%88%E9%8B%92%E6%B8%AC%E8%A9%A6%E6%AD%A3%E5%BC%8F%E9%96%8B%E5%95%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1891
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5461494
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230122-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700263699.699507,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 6521
impl.20231116-8-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_kI5ttVDhCqEeGHhZcRo5bvH1ylz9ugV
content-encoding
br
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:18 GMT
x-amz-request-id
A4WQ87EW6P1CDRYV
age
17037
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173608
x-amz-id-2
b+CdsIZv1r5Q2qaDphv/ckfhQKUm6xZ/v3NOQon8CzGWzzfkDOt1pGzRyVW0ke94GK6yEk5dRiI=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:43:36 GMT
server
AmazonS3-br
x-timer
S1700263699.652181,VS0,VE0
etag
"1197218d03012ab8adb967e77a22c1b6"
vary
Accept-Encoding
content-type
application/javascript
abp
79
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
147
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2268578495133496&correlator=3968313936012617&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700263698709&lmt=1700263698&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1983550272.1700263699&ga_sid=1700263699&ga_hid=290412771&ga_fc=true&dlt=1700263697876&idt=795&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d94be7553ec43b2e10d2d684eb05da294e6380446d96b165caa62f22ae85feb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12855
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F328 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:18 GMT
expires
Sat, 16 Nov 2024 23:28:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		631 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1700263698778
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 16 Nov 2024 23:28:18 GMT
date
Fri, 17 Nov 2023 23:28:18 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
7993374
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
235032
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		39 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=00%3A28%3A18.801&lti=deflated&data=%7B%22id%22%3A505%2C%22ii%22%3A%22%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700135136150%2C%22vi%22%3A1700263698799%2C%22cv%22%3A%2220231116-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html%22%2C%22vpi%22%3A%22%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4982%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A4862.15625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
087efe0b23d24ac5d92661cc04a7915a6fcc1b0c5fe6b8eab3ce4c8811eb8673

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
247
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.35041666666666665
x-fastly-to-nlb-rtt
68845
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230122-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1700263699.839009,VS0,VE247
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5100 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3ExopvPPN_w_xXUJr2kygurqYRMoHwAckG-cCofpf6_Ou58fw0gt-hUz6G1aOUPDRgVTvfMAPWZOZkcdsIkN4sXmTb9cCJhlW24ytNKX6RkwZLON2S_rj-YtSlBZx9deb85pNyvbDvqqNJzrqWvaZ6ytSU1Cl20iN-Ikbg7CZV2yKRL0RWhRYwMMzA--UAaacc3N22WCqB4ctBoPlbxttJRKjolttr-RX2nRJJI1pCQkYs4wEPPaqAPdBBqQMKCnaDUBZE_hTumYuY4asFE9nsmV38EMCA_U0xyfbU0UaNJNUqIXy2qGFeEIvsswihIHwAg&sai=AMfl-YQPucUYPyCUmCJ-Bk1NicScccx7fBNfoyJtnjuNosKzyrX18JfKcTsUoGpby9JdN5_UNTJrZ3RW2Ao5XAqBfuSwH1tt_qre11rwN9gT44xLN1rW5e8d2YDpj8yexorzB9C40MRQlBuguLI2kihHDco&sig=Cg0ArKJSzIwgN0F0O1koEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 23:28:18 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:10:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6555dc90-66a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Nov 2023 00:28:18 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5100 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:18 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8778
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWeW2wlmG5K8aLtAzaQGoNbIVolSY7UI1BTQzc6HxysoEC%2FhL%2BAzJWPuRyiOaQMvu%2BaKEbhksYg1cGPzaKQqZR2C7Cvve42GoSPIsWuxkXTJbNMqdG7XdaJRO%2FWGS%2BQ66vGtTUfPivif%2BFi6BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
827bbfd629e39bc4-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
59c50c6bd34efe268453012b423d2f60933b261de950c7d0f26b79aff34a9b7d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.11266129021715598&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:19 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5025599
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230122-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700263699.043344,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
11, 338803
HC_Q0g=.json
cdn.adpushup.com/fpe/42753/HCPB/ 		79 KB
80 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/fpe/42753/HCPB/HC_Q0g=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a2d12284979ed13a61550fbdceee3bed74af2a2b3ce6059faa1b702dfb6b0e48

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 18 Nov 2023 00:28:19 GMT
date
Fri, 17 Nov 2023 23:27:17 GMT
last-modified
Fri, 17 Nov 2023 19:49:29 GMT
server
nginx/1.18.0
etag
"6557c3c9-13dbb"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-client-device
desktop
content-length
81339
x-client-geo
CH
dim_Q0g=.json
cdn.adpushup.com/fpe/42753/HCBM/ 		122 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/fpe/42753/HCBM/dim_Q0g=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8bd4066e5a49c9fcd9b7c4d2f3be76ea64196b64a0a9ff3edbeb7c62036bee1b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 18 Nov 2023 00:28:19 GMT
date
Fri, 17 Nov 2023 23:27:17 GMT
last-modified
Thu, 16 Nov 2023 20:11:31 GMT
server
nginx/1.18.0
etag
"65567773-1e7f2"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-client-device
desktop
content-length
124914
x-client-geo
CH
truncated
/ Frame 5100 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a57984144989a153f4f287a4caaec489f70f161868601030f778e41aae3eb48

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5100 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5GjLikjkk_nlwL_nPSVGhut3UkpGAo3eJbEVEzDbr4J0oKiu_Sx8K85TByOOECZWkelKI6ByKfK2KV2PorDNHiriHYOSD9bjWSMRKwMBVJiv6XY-Mn-uSkyWHUZw7wCpSahUkH3xGL17n-hUXub72tsWcaoKPkvqG-kmCbvmzXCaL6fwrMkTtThzh4rh1E1RMONizN49Pt3tPHfXpHd7qFrrvn-t6_Tmq7TjjocBJfJCDdq3u-zX0cCO37mIociYh7BvB3DNFSzQSGKthp_w37mEtPw2TaAh5Q7e5xoQ3a2V36mt2yQ_9_Fa1OBeU1sTgDe15&sai=AMfl-YRIfoJxJqFXZ-R4-JDral2xAk-GzWo94PkZDM030zFrrvNluv-AeP1WC_DROP6ieJ_BC_RSwA3BdOirGZKFF26_Gw2nj7QrjPwg-cdO-9Rgi1AxvblbxNgg_JkkmCL2btQ4opJnk0JYlOziBMEsnsA&sig=Cg0ArKJSzBmwv8NjkcZCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 23:28:19 GMT
impress
ad.vidverto.io/delivery/ 		58 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&referrer=&async=1&uid=6232450484&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2a2ad9848dd90e24e3950119d31bb21f64c28e926ad1a3f06a9b4c0033ae5868

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
floating-unit.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
993a112fed28aebb10e2297da40f97e06e693040bebdfd6afcd6077e83b558c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mH3pVv6.G9B8LLY8QAMbOC68v4qmDL3z
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
2VMRAJFT0Y59JV3V
age
132219
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2493
x-amz-id-2
vNlV63rqzwTiF+lBrAlnK/6B7EjDOysYS1aRFKsMvIg+sOOXuxXR5oxNgvpWly2voj9HZg0z2L4=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:43:54 GMT
server
AmazonS3
x-timer
S1700263699.190106,VS0,VE0
etag
"2305f087a0c9d2ee2d24d0285d8191d4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
27730
taboola-vignette-new-scanning.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b98e49c162c8631d0e2798d2664e4d82671939ee4f231e644af185f5770195c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7eu5PykIh9mAQTEh.T8f_OeLmprFn.mz
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
EJXPR2WNAP3EDCEE
age
132219
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8019
x-amz-id-2
QjmNf+laK3sKK42LVoZNdduSyTNtuKD5byiZVcXO2yLIRXLMUphb1fWoQ8+3+LXJJpUJ3u5oR6s=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:43:34 GMT
server
AmazonS3
x-timer
S1700263699.192611,VS0,VE0
etag
"2b51cbae4d4dc51af812ae527452faa2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
52
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
18006
distance-from-article.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U1od7zFn.E3CrGutJ0uTEJm7AoMMR7dZ
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
VP999GEYJQ5B4Q8T
age
132228
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
kkcKxkP9u6srwuD4dcqFnC7hJ9Nmd8m2F5MK9Trdh+xleWDxP9TgHpBYRgV67ZyLdcHVzrn8ldI=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:44:04 GMT
server
AmazonS3
x-timer
S1700263699.210868,VS0,VE0
etag
"efa6760390ae7acf98dc5d392f96a63a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
89
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
329365
article-detection.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
w.KPU407iD4toCcejeuMXCyx6pJjTU8_
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
VP94CWGPNFZGQ044
age
132228
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
1f7+qgh0oD0deRNEWAQOwJ/tV2TZcgAqGdhBk71smCbsQQb6qVeHfG6YFrF0rq3S+VpjSFo7Mkk=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:44:12 GMT
server
AmazonS3
x-timer
S1700263699.211017,VS0,VE0
etag
"e8a34824a44d39e9d49b93d0c2e34a81"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
86
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
329280
tb
15.taboola.com/ 		29 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=palmate-bg3co&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Feed&uuip=Feed%20-%20Below%20Article%20Feed&cisrf=&cirf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&encoded=1&uid=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1700263699204&tagid=&cntry=CH&platform=1&sesid=6e6f543d754776e5bc1ecf6525494d92&itemid=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&viewid=1700263698799&geolat=&geoing=&deviceifa=&appid=&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ri=48a2114a92af9a639846dacdf54803e5&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1524057&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=VD&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1231993&prcnt=&layer=&normp=1&gvv=13923
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a8c9354bab03004b14c0629297e73f37a62307dc8bcfb3be3219a6b6d468196

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1442
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1700263699.234461,VS0,VE20
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dWmQPNr6R4sqfxHfo.2ROmBoVj1CnrRT
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
VP991A64XRDF8VCG
age
132228
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1261
x-amz-id-2
blADgZNPKkvoyN9h0GPzyim30JZKb5zyew3KzAChjTLzqvSZ51gtMsMGEG5VQKbea85YE/D+5Xg=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:43:59 GMT
server
AmazonS3
x-timer
S1700263699.218247,VS0,VE0
etag
"a106089876c08b590425b51ba81277ff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
14
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
289100
userx.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
X6PWjf0XKt3BYd3PuYnS8efzykFumCfC
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
JGHFB6S89TPEBSCM
age
132236
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5397
x-amz-id-2
L3NLiJgRyDGSMnHoreIqnBGJzixq5/OeGaTb2dtt/CRpYrWWjG/akEbehbMT4pajlQmRU/9+kAo=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:43:31 GMT
server
AmazonS3
x-timer
S1700263699.224401,VS0,VE0
etag
"5ea2b7f5f7ca4d76996fc670b2ebc373"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
76416
explore-more.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IbO7Zx6pA8T1_CyNANAESeFyxJwLLZ4H
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
VP98C3P8S7AKSX2Z
age
132228
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
HS51hDAvmeGcCnxqshz6qh6W4x1J/AX9BJeOD0MWDB/pSJ5+R5/j0FO6lTQYTZdKHVNRzr4Y140=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:44:01 GMT
server
AmazonS3
x-timer
S1700263699.237574,VS0,VE0
etag
"d7169d870c1ac2f73408c07cf1b991fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
139401
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=00%3A28%3A19.180&id=7089&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700263699183%7D&tim=00%3A28%3A19.183&id=3679&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700263699195%7D&tim=00%3A28%3A19.195&id=8852&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A28%3A19.228&id=9508&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A28%3A19.233&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9686&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72420
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A28%3A19.235&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=2115&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72420
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A28%3A19.241&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=9236&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72420
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A28%3A19.245&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7855&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72420
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A28%3A19.254&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9122&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
72390
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
26
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1700263699.267541,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
97
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
21
/
onetag-sys.com/usync/ Frame 53C7 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Fri, 17 Nov 2023 23:28:19 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Nov 2023 00:28:19 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Nov 2023 00:28:19 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=014c5c39987adb8c121409403556206f
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 11:21:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6554a9c7-161f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Nov 2023 00:28:19 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Nov 2023 00:28:19 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Nov 2023 00:28:19 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=8409e5b5-cc54-4059-b7b1-b1c4a5d37885&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=8409e5b5-cc54-4059-b7b1-b1c4a5d37885&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=8409e5b5-cc54-4059-b7b1-b1c4a5d37885&p_id=23
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
match
ads.betweendigital.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=3e6dc184-c3ac-42f1-802e-bca5e8773876&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=3e6dc184-c3ac-42f1-802e-bca5e8773876&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=3921345365013208513
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=3921345365013208513
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Fri, 24 Nov 2023 23:28:19 GMT
963e558e79307944164d2526e2db3998.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_975%2Cw_1300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_975%2Cw_1300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb570121cd7cfaeac0419f8c4772d1a8caf06866d528bf0f3e13b83ea8655721

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_975%2Cw_1300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
age
880363
edge-cache-tag
330983892321446896557571553910849670348,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
330983892321446896557571553910849670348,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
589
req-referer
https://www.stiripesurse.ro/
content-length
78802
x-request-id
89bd6e82e1487da9883982b54928281f
x-backend-name
US_nlb106
x-served-by
cache-iad-kjyo7100140-IAD, cache-iad-kcgs7200058-IAD, cache-lga21934-LGA, cache-iad-kcgs7200153-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 06 Nov 2023 20:39:06 GMT
server
nginx
surrogate-reporting
width=1440,height=1080,bytes=110565,owidth=1920,oheight=1080,obytes=2008660
x-timer
S1700263699.362268,VS0,VE2
etag
"86a39a6edbd439d5b3e326b383a790f4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
963e558e79307944164d2526e2db3998.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23cc6027794cfafa2c79f4a6bac7df9543751b62d5c033749fbc713c57b9cab5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
age
960553
edge-cache-tag
330983892321446896557571553910849670348,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
330983892321446896557571553910849670348,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
208
req-referer
https://www.msnbc.com/
content-length
38382
x-request-id
66fe4591ecf5d32985eb8c160f70fc0c
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100051-IAD, cache-iad-kjyo7100116-IAD, cache-lax-kwhp1940078-LAX, cache-iad-kcgs7200077-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 06 Nov 2023 20:38:17 GMT
server
nginx
surrogate-reporting
width=1920,height=960,bytes=114375,owidth=1920,oheight=1080,obytes=2008660
x-timer
S1700263699.395703,VS0,VE2
etag
"6b1ca92805295f3adde11c6a6d0e3a5a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aba4433c326a47ff70fbf9ec973e6aed78cac71047de9f3820406147d344698c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
2588180
edge-cache-tag
500629582064787076250330989933903002781,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
92
expiration
expiry-date="Sun, 01 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.st-georg.de/
content-length
13644
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000165-IAD, cache-sna10725-LGB, cache-iad-kcgs7200102-IAD, cache-fra-eddf8230122-FRA
last-modified
Thu, 31 Aug 2023 17:07:07 GMT
server
nginx
surrogate-reporting
width=460,height=256,owidth=1200,oheight=800,obytes=1094111
x-timer
S1700263699.433550,VS0,VE1
etag
"32ff0e0da5a78f593d26d0bf1f1f50f9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 82, 1
6ba92762f00547cba55c12516062ca84.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ba92762f00547cba55c12516062ca84.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f085978c529da4d9008c5c56ffb96aa9ca8f03026e32d78a67c533e3c3426d33

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ba92762f00547cba55c12516062ca84.jpg
age
1969518
edge-cache-tag
622708829367251367636539331549801324199,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
622708829367251367636539331549801324199,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
225
expiration
expiry-date="Fri, 13 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
16924
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200056-IAD, cache-iad-kiad7000028-IAD, cache-iad-kcgs7200095-IAD, cache-fra-eddf8230122-FRA
last-modified
Tue, 12 Sep 2023 18:01:20 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=24048,owidth=1200,oheight=800,obytes=480216
x-timer
S1700263699.468117,VS0,VE1
etag
"0217b0b072d209654689a00d8394a5e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 273, 1
1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c5cfca5db05ee1dd43e1d02aa73aa35416a62f9d00faadb64d4eb069c647f5f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
age
4529522
edge-cache-tag
531400109958685558821733347851376617772,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
531400109958685558821733347851376617772,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
182
req-referer
https://thetimecave.com/
content-length
13180
x-request-id
c3282fc51936cc0db6551f840acd88be
x-backend-name
US_nlb102
x-served-by
cache-iad-kiad7000172-IAD, cache-iad-kjyo7100073-IAD, cache-iad-kjyo7100160-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 01 Sep 2023 03:05:20 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=36253,owidth=1000,oheight=600,obytes=171352
x-timer
S1700263699.495530,VS0,VE2
etag
"0112b9988b8f0081fb72eba760fc6aeb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 8, 1
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
28a3320749440ee186044135d5f8df9d013ee44e3056ef87abc0edac2e80757d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
1418393
edge-cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
53
expiration
expiry-date="Thu, 23 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.carscoops.com/
content-length
8202
x-backend-name
US_nlb102
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000108-IAD, cache-iad-kiad7000113-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 23 Oct 2023 11:33:05 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=19552,owidth=1200,oheight=800,obytes=384488
x-timer
S1700263700.522564,VS0,VE1
etag
"2ab09194cbfd18a791103c6697590d5d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 71, 1
91119c8b5f84f0656fbec35da540a9e1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/91119c8b5f84f0656fbec35da540a9e1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e9400808ca642c98fa31fc4de1f92353db8562c93f2a22e45744796c160f760e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/91119c8b5f84f0656fbec35da540a9e1.png
age
2299238
edge-cache-tag
514131800169836084066220265251633699810,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
514131800169836084066220265251633699810,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
113
expiration
expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.news.de/
content-length
7646
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100167-IAD, cache-iad-kiad7000067-IAD, cache-iad-kcgs7200117-IAD, cache-fra-eddf8230122-FRA
last-modified
Wed, 20 Sep 2023 19:38:36 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=13979,owidth=600,oheight=400,obytes=208025
x-timer
S1700263700.555663,VS0,VE1
etag
"cfd16e1ca62237241f1bcf0d8a922e4f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
963e558e79307944164d2526e2db3998.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e223c9339b772da14e6fa034aca885cd46434691572fbe8ed8a3e1f3d2bd71ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
age
881120
edge-cache-tag
330983892321446896557571553910849670348,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
330983892321446896557571553910849670348,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
312
req-referer
https://www.mz.de/
content-length
46472
x-request-id
98ee6d4832838d8b570b559d0f276e44
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200137-IAD, cache-iad-kcgs7200030-IAD, cache-lga21925-LGA, cache-iad-kjyo7100049-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 06 Nov 2023 20:39:06 GMT
server
nginx
surrogate-reporting
width=1920,height=1066,bytes=132833,owidth=1920,oheight=1080,obytes=2008660
x-timer
S1700263700.556000,VS0,VE14
etag
"7e72c4965544decf855c09465cac1939"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 275, 1
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489A) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
age
1255477
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (ama/489A)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 23:28:19 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
age
8526521
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 23:28:19 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:c5b4:8cba:7a26:df2a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
age
5558236
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 23:28:19 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAyNjM2OTkzNzgsInBhY2tldElkIjoiMDAwMEE3MDEtOWFkNDUwNzEtODRiMC00OTZjLTkwNGYtZjA0YmRjM2NiOGQ1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2dhbi1kYS1qdWUtemhhbi0yLTBiYW4tYmVuLXhpYW4tZmVuZy1jZS1zaGktemhlbmctc2hpLWthaS1xaS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=2682.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b071ace54b58bc9051e327a188f87bea7c1f877539a4daf49b026e4b4fa0a3e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
age
2625149
edge-cache-tag
531400109958685558821733347851376617772,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
531400109958685558821733347851376617772,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
203
req-referer
https://www.conectate.com.do/
content-length
15230
x-request-id
3ebb3ba8e0fe88a2e957207c8552139c
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000158-IAD, cache-iad-kjyo7100162-IAD, cache-iad-kjyo7100022-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 01 Sep 2023 03:05:20 GMT
server
nginx
x-timer
S1700263700.571431,VS0,VE1
etag
"845f412d871ead323c7ae203b1d23d82"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 135, 1
60c3066b8360e6746575c7c3524700f2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a3790beb69a7947610ec1a3063b6df868d75c1da9aec99c0a28e1202f6adaf3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60c3066b8360e6746575c7c3524700f2.png
age
4534938
edge-cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
500629582064787076250330989933903002781,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
398
expiration
expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
33296
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000021-IAD, cache-iad-kcgs7200052-IAD, cache-sna10729-LGB, cache-iad-kjyo7100029-IAD, cache-fra-eddf8230122-FRA
last-modified
Wed, 19 Jul 2023 11:47:45 GMT
server
nginx
x-timer
S1700263700.573991,VS0,VE0
etag
"e27c10776e8acb7d55ac3095f7ebf0b2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 17, 1, 342, 2
6ba92762f00547cba55c12516062ca84.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ba92762f00547cba55c12516062ca84.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ce745060b8cd1a52914309520fd2ab2ffe29bff83d0f40e3f49370100720dfe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ba92762f00547cba55c12516062ca84.jpg
age
1487593
edge-cache-tag
622708829367251367636539331549801324199,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
622708829367251367636539331549801324199,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
296
expiration
expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sueddeutsche.de/
content-length
43716
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000165-IAD, cache-iad-kiad7000054-IAD, cache-iad-kcgs7200112-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 18 Aug 2023 04:52:08 GMT
server
nginx
x-timer
S1700263700.574560,VS0,VE1
etag
"1005dacaa3b7c1a9da3c5c78e1ed9259"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 19, 1
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.7/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 f192553c835240a9b5df520fb7ffd876.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
311713
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35262
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 14 Nov 2023 08:52:22 GMT
server
AmazonS3
x-timer
S1700263700.662648,VS0,VE0
etag
"acbf4feb7c49eb33282548b433b4476b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Jo5l-Lqg8vP3PvPYFHU-4aF9JButzd_bIlasCp5HILfOA__dzXaDuw==
x-cache-hits
54536
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AC3D 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f71f425ebf58edf402895f752e6816cb7fa556422d626a1ef419c62c01d8a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10176
x-xss-protection
0
server
cafe
etag
13383596380719410595
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:19 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame D9DB 		714 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
9018
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
827bbfda98019b22-FRA
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 23:28:19 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5b2Bv8mxXsPOUIAJC3%2F%2FJtNyEhIKcdcQ3Rb5mBvvg4PTValqk8uLRxmV4KfjvIXS%2FnjnjuGJ572qcJaZE7nowtiTDsgOUq40RYW3LHhI9u9%2FjIDhDe6irdEUk4dhIndOzOMtY6r9zcFecf4nMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B622
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 23:28:19 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 23:28:19 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
connection
close
content-length
35
content-type
image/gif
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAyNjM2OTk2MzUsInBhY2tldElkIjoiMDAwMEE3MDEtOWFkNDUwNzEtODRiMC00OTZjLTkwNGYtZjA0YmRjM2NiOGQ1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2dhbi1kYS1qdWUtemhhbi0yLTBiYW4tYmVuLXhpYW4tZmVuZy1jZS1zaGktemhlbmctc2hpLWthaS1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2939.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAyNjM2OTk2NDEsInBhY2tldElkIjoiMDAwMEE3MDEtOWFkNDUwNzEtODRiMC00OTZjLTkwNGYtZjA0YmRjM2NiOGQ1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2dhbi1kYS1qdWUtemhhbi0yLTBiYW4tYmVuLXhpYW4tZmVuZy1jZS1zaGktemhlbmctc2hpLWthaS1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2944.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAyNjM2OTk2NDQsInBhY2tldElkIjoiMDAwMEE3MDEtOWFkNDUwNzEtODRiMC00OTZjLTkwNGYtZjA0YmRjM2NiOGQ1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2dhbi1kYS1qdWUtemhhbi0yLTBiYW4tYmVuLXhpYW4tZmVuZy1jZS1zaGktemhlbmctc2hpLWthaS1xaS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2947.2999954223633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2268578495133496&correlator=1536250161936631&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&arp=1&abxe=1&dt=1700263699652&lmt=1700263699&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1983550272.1700263699&ga_sid=1700263699&ga_hid=290412771&ga_fc=true&dlt=1700263697876&idt=795&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_15_2_pv%26cluster_reporting%3Dchrome_DESKTOP_15_1_active_2_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_3%26ap_fp_engine_type%3DhcFloors_HCAB%26ap_fp_engine_temp%3DhcFloors_HCAB_3%26faid%3Dfalse%26adro%3Dv8_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14fd36d51a0c92f76e85caf1daae9909998844a576daaddc0275f412128db111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16300
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449822902
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
681
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Nov 2024 23:16:58 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAyNjM2OTk2MzUsInBhY2tldElkIjoiMDAwMEE3MDEtOWFkNDUwNzEtODRiMC00OTZjLTkwNGYtZjA0YmRjM2NiOGQ1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2dhbi1kYS1qdWUtemhhbi0yLTBiYW4tYmVuLXhpYW4tZmVuZy1jZS1zaGktemhlbmctc2hpLWthaS1xaS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2968.2999954223633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D9DB 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0ea816de0b904f0c986a08f68c1bafff71902d51c2463e9c7a3ff2b3ddbee77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31359
x-xss-protection
0
server
cafe
etag
906 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:19 GMT
next-up-widget.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44c41505855cf99a43c8f8be8de705bd5800b802b7ecfda0f2d664fa8b1920ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3NrCsrdFOl.u1W0jyLjXCYbht8t996Vs
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
4B1G7VAZ4EHBDAY9
age
132219
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4623
x-amz-id-2
Vtr7+gs/2G9rlcdeQmz64XAYIGYa9S2g/8mfcvkoswiNL2oTXiKZuJ0chAdorjT0W1Pu5P94vcI=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:43:50 GMT
server
AmazonS3
x-timer
S1700263700.676778,VS0,VE0
etag
"448f6eba05b4a5ae20f922469c822de4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
89
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
27067
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.984375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A28%3A19.680&id=8729&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1524%7D%22%2C%22eventTime%22%3A1700263699682%7D&tim=00%3A28%3A19.682&id=2887&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=00%3A28%3A19.693&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=466&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74436
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 22:32:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 23:28:19 GMT
spa-detector.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7QcC5tadVgGiWdOmI5x_aGnuaxCJwtWb
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 23:28:19 GMT
x-amz-request-id
VP9C8CC6TNVCFPYZ
age
132228
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
779
x-amz-id-2
cmhQ6Adg4ZgChe+SUW2uWvq8vo0lLXxH0HdjMtI+d91UfNhv+wCNkOMcYqibUMJmy/SNGZi8Tgc=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 10:43:43 GMT
server
AmazonS3
x-timer
S1700263700.732828,VS0,VE0
etag
"7653a5dacee64271085316a2604ddf96"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
1
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
143815
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A28%3A19.695&id=391&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700263699711%7D&tim=00%3A28%3A19.712&id=6421&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=00%3A28%3A19.715&id=3654&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=-48&tvi50=13923&lti=deflated&ri=1e53d6dd37a5d18f02aa4e4a5351210d&sd=v2_6e6f543d754776e5bc1ecf6525494d92_56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92_1700263698_1700263698_CNawjgYQ2YJdGO_C9Py9MSABKAEwKziy0A1AzYgQSMvt5ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92&pi=/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&wi=8948403851919908545&pt=text&vi=1700263698799&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700263699718%7D&tim=00%3A28%3A19.718&id=1261&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 24 Nov 2023 23:28:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame AC3D 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be602d06ca964737667a0318dc2f4efd248809e80060840e657afc46c218c680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52859
x-xss-protection
0
server
cafe
etag
5870940234235313478
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:19 GMT
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 23:28:19 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
v1
prg.smartadserver.com/prebid/ 		745 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
4b0086b13675452a1054d753bd2c0fad406632538d17323e7b8d6feaeb394f0d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231118
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26850
x-jsd-version
1.0.1877
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"641-1YKVPSNSxEtps6XrkJSRmQ2Gkf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFzZlFBnbnc6J2CeDmqHd9CCn0CqefydiX%2B79D%2BSHiw2llJIVF3gR9SXvxYZ7OLNeHZoX5xuGa4gcxe7pdjIn%2F6PrIhm4gzLNoAVq7KX70AxWVuWhrkTDT5RpUf%2F%2B5gNxuGoMFQoO5m%2BWt0Xf2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
827bbfdcefcc9191-FRA
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=53246109838&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 23:28:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1135bc706b0ebafd25df676990f7f650aa3d4d2a121039eae6008c0050aaf410

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoIfHWCvg4x2EyJkRzTAklVRHLdO8YtZXPc7EyFJqAyspKzgRNRm7I%2B0FATU4d248lRyPXEfsCTf4GBMI3Eu234bjbQE5j2Meg3Bcfhr7IJ5VUB%2FEc1Az2MemtxXg%2FZLNQaS%2B4cX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
827bbfdd2e591d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1135bc706b0ebafd25df676990f7f650aa3d4d2a121039eae6008c0050aaf410

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BM5RVXy32t0veIygUuETR0tjmG5WTQps5hoez8twuDZg6aMA2WLfkpo9YI7dNSwoiDVnFHrgp5pOe%2FUTgsrxsYrxchomyi6xYWWdMeeFfAA7eHhq821wjBFbUAsvURkojyzx3oPP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
827bbfdd2e5e1d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
6d9fb720ceb219d82d918eb06145270d9609a934fdf3cca03ab546a540bb93fa

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=394f553e-024d-41f2-b55e-d68bc3933ee8%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E3%80%8A%E6%95%A2%E9%81%94%E6%B1%BA%E6%88%B0%E3%80%8B2.0%E7%89%88%E6%9C%AC%E5%85%88%E9%8B%92%E6%B8%AC%E8%A9%A6%E6%AD%A3%E5%BC%8F%E9%96%8B%E5%95%93&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=3f77ddd6-b9a2-4b69-b6fa-129e0735ab9d&l_pb_bid_id=1211ab55ade8a3d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3f77ddd6-b9a2-4b69-b6fa-129e0735ab9d&rp_maxbids=1&slots=1&rand=0.8553529359467054
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9cfee26fa04720149547f225f34a8574f3b996e80f24640b0a54cfee92e935f4

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
398
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
an-x-request-uuid
86921b9d-eb00-4324-aebc-c9df35be9eec
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
c
prebid.a-mo.net/a/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 23:28:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.116.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
accept-ch
sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.101.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e00137611091f326d1c4a89aec3a7d6c44bd776d30f90fd1c0702b11c8980820

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Nov 2023 23:28:20 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
827bbfdd4df25d5b-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid-request
a.teads.tv/hb/ 		16 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 17 Nov 2023 23:28:20 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e9e1056a7349f3c99ea917ddf5c7f77f0c8b05556337273095120fc6af8eb52d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e9e1056a7349f3c99ea917ddf5c7f77f0c8b05556337273095120fc6af8eb52d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
7
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
adreq
ads.servenobid.com/ 		592 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10861
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e3eb2c03cf0ef62a868c317c96873227fe90f0e1e4d2ba3930a4639bdb1556e

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ec4456237fdc1281f78b8ec22dc0c1e775af4b173086f4534e31f5e3cc578fc3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
82
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 23:28:20 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame D9DB 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
22727
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Nov 2024 17:09:33 GMT
usync.js
eus.rubiconproject.com/ Frame B622 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 11:35:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43604
Connection
keep-alive
Content-Length
13230
Expires
Sat, 18 Nov 2023 11:35:04 GMT
963e558e79307944164d2526e2db3998.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c45f53ddd444acc09ab379559072fe963dc73b8d17052df9802e92a75f01818a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/963e558e79307944164d2526e2db3998.jpg
age
880546
edge-cache-tag
330983892321446896557571553910849670348,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
330983892321446896557571553910849670348,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
472
req-referer
https://tuzzy.com/
content-length
6498
x-request-id
88e7345f1913418c984fdd95861c0661
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100115-IAD, cache-lga21963-LGA, cache-iad-kjyo7100028-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 06 Nov 2023 20:39:06 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=8004,owidth=1920,oheight=1080,obytes=2008660
x-timer
S1700263700.160283,VS0,VE1
etag
"ea1f76a89df80d0a023edca5f94b5e2b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
90bfd79c2e8bfe91fa637503b34a2eab3e4b7b20d920b5f0e03d8bbd765e624e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e4dd89cf1893fe4cbdd6161b6df0e64.jpg
age
1675555
edge-cache-tag
531400109958685558821733347851376617772,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
531400109958685558821733347851376617772,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
72
expiration
expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mejorconsalud.as.com/
content-length
2742
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100079-IAD, cache-iad-kjyo7100046-IAD, cache-iad-kiad7000128-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 01 Sep 2023 08:38:38 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1000,oheight=600,obytes=171352
x-timer
S1700263700.160238,VS0,VE1
etag
"65ae6080610f2337c92519aa97ebae38"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 6, 1
6ba92762f00547cba55c12516062ca84.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ba92762f00547cba55c12516062ca84.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f89fc3bf8b990e758dfac5c218ed9941fbb28369ccab34d9a0a80ef9c3186690

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ba92762f00547cba55c12516062ca84.jpg
age
404602
edge-cache-tag
622708829367251367636539331549801324199,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
622708829367251367636539331549801324199,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
466
req-referer
https://gossip.hirufm.lk/
content-length
5486
x-request-id
9278e56864fc95fdc1060267d107484c
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100148-IAD, cache-iad-kiad7000101-IAD, cache-iad-kcgs7200030-IAD, cache-fra-eddf8230122-FRA
last-modified
Fri, 01 Sep 2023 20:24:28 GMT
server
nginx
x-timer
S1700263700.160220,VS0,VE2
etag
"c1286a1895dfae4c77bdf1b613143973"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 44, 1
css2
fonts.googleapis.com/ Frame A6E8 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 21:47:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 23:28:20 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A6E8 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
70127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 03:59:33 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:09:41 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1127
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
33ak1_H0ZxeS2TV0RBmASmlnwLwZ4z9xWJWJoAw-oY06-ptfY5SMJw==
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=93138875990&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 23:28:19 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
68876eff57356f08becb6f5b6fffcfb9d3499f39079a8d679f3b1014c7e84eff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
68876eff57356f08becb6f5b6fffcfb9d3499f39079a8d679f3b1014c7e84eff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
adreq
ads.servenobid.com/ 		592 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5878
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0443a7dade78700fd1f70e614b29fd8f7c6a80077204624d42e8c59b0ecfe1f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb293753a8c516478ac800166f478929daf928468b0cdc9c3f6c6403c89ae293

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fkr82P%2FT56bsCT6%2BN254XVN5fPV8aR%2FvS4pamWVLY6Sq3wiqsHhIa%2BwO0Uv%2FV%2F5mYTwmM0ECXXMTdUaQ8DoPy%2BgBjZWj30usFbDOVq5i4IPUSGhAy3HdDcftFpzr17bKkSOaG7pe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
827bbfde4f141d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb293753a8c516478ac800166f478929daf928468b0cdc9c3f6c6403c89ae293

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Pql6SS91ZvkObqa8taYsNosXwpnuhcQ6pU3%2FxEzJ5Y9FvwUwjmD2buZlQuB0j%2Fwa3bE0OrWJ6wimsvRWl9w5dL%2FSoZR9LH57JbeehTdpYETfkX6wjEM6kKV9d90ynaBLglD0Uxa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
827bbfde4f151d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb293753a8c516478ac800166f478929daf928468b0cdc9c3f6c6403c89ae293

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY2HHzmCyCtOHgD2FhcgRiNLCetDpxQCAf50WWxMATpC5ldVm%2ByrRN7asrpj0KnPhGkkip8kMlAQ1%2Bk%2BPAfFNBbeqfq5FaRhREtMnEZjwrjhKZjWX3QYIh4F7p9ir8jfMUXbwuuR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
827bbfde4f161d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.101.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-101-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f0a33b868064f8db4272841e06389a7f03019ee2511f91395627f7d11043a69

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Nov 2023 23:28:20 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
3ed0da6755921704ecfb28f62737f989abc8b0358983ebbb764e2af0de4b99db

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		385 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=394f553e-024d-41f2-b55e-d68bc3933ee8%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E3%80%8A%E6%95%A2%E9%81%94%E6%B1%BA%E6%88%B0%E3%80%8B2.0%E7%89%88%E6%9C%AC%E5%85%88%E9%8B%92%E6%B8%AC%E8%A9%A6%E6%AD%A3%E5%BC%8F%E9%96%8B%E5%95%93&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=a862ab4d-2e9f-4faa-a43f-8d1fb30a3d05&l_pb_bid_id=6854b6ad827f13c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a862ab4d-2e9f-4faa-a43f-8d1fb30a3d05&rp_maxbids=1&slots=1&rand=0.16077867873591156
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6394c7ea90fc591b8ca6534e287bce09655c437e64f1d1b22e8f1e9d0c11c4d8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
385
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.116.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-116-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
accept-ch
sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
827bbfde4e715d5b-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 23:28:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.228.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-228-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
9
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bid-request
a.teads.tv/hb/ 		16 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 17 Nov 2023 23:28:20 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
6afccbefc1ddca038bb870a10a6444a1fd529a0f8318d29bda771cf318ca8fe9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:19 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
65
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 23:28:20 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
an-x-request-uuid
39e18c1e-46b8-4cf8-8020-2629503442aa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame AC3D 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39ad9a054662965f4a2dc4a0dae920718de6fb2bef9f31185c3bacd9685cfc82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137248
x-xss-protection
0
server
cafe
etag
15965821609705221782
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:20 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame DC18 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
5460
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:57:20 GMT
etag
16674218716276178799
expires
Fri, 01 Dec 2023 21:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame B622 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
a1550967.js
js.genieessp.com/t/550/967/ Frame EC89 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/550/967/a1550967.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
222.230.178.132 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
128161533312fa79a057e50dfaf61f7ab9b2d44c4be01fb22d125b1b2e3c23d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:08:17 GMT
server
nginx
etag
W/"65016df1-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Fri, 17 Nov 2023 23:43:21 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EC89 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:20 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=13726&tvi48=-48&tvi50=13923&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
87
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
68867
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1700263700.340798,VS0,VE87
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sat, 18 Nov 2023 00:28:20 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 2344 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
246818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 23:28:20 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8022 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 23:55:30 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=iT4HJVSNQdyOBE9H6DevUP21EcSv6gXGWHsD0fQjlHvheGon75RhTJZCpAnckOS7eBnH0DmibjXJ0Ohi22ZW6sVmBlRZ%2F%2BKVBTdfNmXLANtHUKvj8vRUcbgYUvmkeHEMfV6vNB4DpGNNw23dOoEOYR7GsKvPRzWETm99NRu6pMOOMPpD2MAuEAHU9YrpHFTMuX0Y9HPc9Q7ZRZKdZRrAeqw7R6zMRQEMivq07YMWz4D0T6ox7qxmuNCn%2BqqXcsvYNEmQQrZWogwe7JaEY%2Fl%2BpwapnHQ0a7UnBIhYCIxtGFJLU2fPJKj502fLiFKZy1ziEAgOf7pG8Bv9cFNbw4u6e69E95GANpAPQyVRCG2%2BfWR%2B17kOXzKK1mPhEW3vytppS5CfarBoonXw0aKelLKD0%2BZxwi2gwlicWw5E78GWXxCgkBPRzpFtIUE9eB6kRNCWpLaQBXbPwa4YfNp9MPiAaPXm%2FUD1l5%2BOHQAiOaDaeWYoUu%2BOYc2Scu7KSpuNpBCC4t%2F7IQnJSd1YUXZmp52iErV%2B4pDdU1h4NUe9ZAtRONV2lzjgKNYw5rP8b2A9%2BJdrAUC%2BXM6OHcZZNQpzKQKyJPKO1ykFh8NvtjvpUZIZ1%2FvdJI7zrZVeV%2FLcPTU3EvR76PXpnHM5OQ1xJVh%2BQwanaifRjADtiRBGOSBmFYP3pJWpWDoQTzoaHjcly4e0MCA84v1UOQaM8to1mBVVYtQWCBPQP9YPKFXHgJGM3FDOp9M%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame D9DB 		499 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3634275245084312&correlator=3819096542121505&eid=31079667&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700263700364&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=vmua87t83qyl&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qNuaGrciGbCvINbaGrd3-YNLUD4O-nXAUSbAoh6g_bKaE-YaK3C1nJb-Kd-AvzUI1zunfF4C4Z2FGX_QYsvZ088JF6BISDuiDBayICfnz7wt28wIELJHrJNDHwzZO-USvdbZfipyZqE2KXz26xvA0E5KC57Dd-N&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=683960718.1700263700&ga_sid=1700263700&ga_hid=484562148&ga_fc=false&dlt=1700263699666&idt=610&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29bfba349323f5c85b8297f26c721288df62ca5040a715807d8b78f8bb9ee92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D9DB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727c182dc0608c81e14c2be476f743b79c9fd2822f72e6d8fd80b2d4652714dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12395
x-xss-protection
0
container.html
f28f00025ef74e8a36f5965b6cd3361f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f28f00025ef74e8a36f5965b6cd3361f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:20 GMT
expires
Sat, 16 Nov 2024 23:28:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Nov 2023 23:28:20 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
st
imprammp.taboola.com/ Frame 8A3B 		422 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1700263700390&uv=3358&tms=1700263700390&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9ff7d0cb-47a7-4166-8f32-f42d34074163&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be03b5162280de94a716a0062a490774e611ad942f442e40e1aa859574733178

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 23:28:20 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230122-FRA
x-timer
S1700263700.408084,VS0,VE10
sync
am-match.taboola.com/ Frame DC04 		439 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
593470e06ee3cc3ff7eafa7771990b08d683d88ead09d99dd2575a9571228698

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 23:28:20 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700263700396&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1573&pt=1674462963&tz=60&viewable=true&ddast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
82719adf5645098b9ba67c2ca6c471e029c486becc2c75998449b892a2b57941

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1456
x-cache
MISS
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1700263700.413038,VS0,VE33
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9nYW4tZGEtanVlLXpoYW4tMi0wYmFuLWJlbi14aWFuLWZlbmctY2Utc2hpLXpoZW5nLXNoaS1rYWktcWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTlhZDQ1MDcxLTg0YjAtNDk2Yy05MDRmLWYwNGJkYzNjYjhkNSIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiZWJmMjU3YTctZjA4My00ZjMxLTlhZjItYzY2YzI1ZGFjMTljIiwidGltZU9mQXVjdGlvbiI6MTcwMDI2MzY5OTkyNiwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19XSwiY291bnRyeSI6IkNIIn0%3D&c_b=3731.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2268578495133496&correlator=2493127085632837&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&arp=1&abxe=1&dt=1700263700517&lmt=1700263700&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsmKhOkiHmdhirHtUH7NSeBSljHjWbi8VuwiEFuoXClqC99qXkcDETx7DfS5v2GCKNEIK-uyplaoPIYfxut7fEg&ga_vid=1983550272.1700263699&ga_sid=1700263699&ga_hid=290412771&ga_fc=true&dlt=1700263697876&idt=795&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_15_2%26cluster_reporting%3Dchrome_DESKTOP_15_1_active_2%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_3%26ap_fp_engine_type%3DhcFloors_HCAB%26ap_fp_engine_temp%3DhcFloors_HCAB_3%26faid%3Dfalse%26adro%3Dv8_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1da8a6807c18900493b5f6e572288493ef4e9285a43c79b1c5e2687e86377a67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12732
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 73A5 		96 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e78a33a9f4ba12a6cd939159c37f10e906f8e18d77f6e2661e4fff7fafe3af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
36728
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=2060536597;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2060536597;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1240432547-1700263700180;pbc=394f553e-024d-41f2-b55e-d68bc3933ee8;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700263700730;tzo=-60;ogl=;ses=05dd7f6d-ec8a-43de-8d72-767b128f0a74;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8A3B 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1700263700390&uv=3358&tms=1700263700390&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9ff7d0cb-47a7-4166-8f32-f42d34074163&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
server
Kestrel
content-length
70
content-type
image/gif
56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8A3B 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1700263700390&uv=3358&tms=1700263700390&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9ff7d0cb-47a7-4166-8f32-f42d34074163&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4684:36f0:2036:f07d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 8A3B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=undefined&cb=1700263700390&uv=3358&tms=1700263700390&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9ff7d0cb-47a7-4166-8f32-f42d34074163&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.187.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-187-133.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame B622
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP393VEY-13-34K2
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP393VEY-13-34K2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Fri, 17 Nov 2023 23:28:21 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
01ZE3T7XP57151WV
age
232158
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
k9gB+Y29FuCyJHskv/394eW+LOyrVO+qIGhB9T9SBj9XBZsWz0mtij14fjN8fn2goV1aIx2T/Zg=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700263701.781899,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
301078
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 		604 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031467
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
01Z2TXEZZ8JF4AVH
age
232158
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031468
x-amz-meta-mode
33188
content-length
123398
x-amz-id-2
NS2Ow4as7ytlYWEYMfJ1Q7B4SNOr19XVQQpMwKelifcyO9+4eIHJ+x74kkTTgqn0EVOjr+aQJUc=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 15 Nov 2023 06:57:49 GMT
server
AmazonS3-br
x-timer
S1700263701.794276,VS0,VE0
etag
"e8023cd27890386539e680dcc790152c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
242705
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9nYW4tZGEtanVlLXpoYW4tMi0wYmFuLWJlbi14aWFuLWZlbmctY2Utc2hpLXpoZW5nLXNoaS1rYWktcWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTlhZDQ1MDcxLTg0YjAtNDk2Yy05MDRmLWYwNGJkYzNjYjhkNSIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI4OGM5YTMxNS05YTNlLTRlOGMtODlhYy1kNDQ4YTFmZmM0OWIiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwMjYzNjk5OTk2LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX1dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4087.199996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:20 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D9DB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 23:28:20 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 17 Nov 2023 23:28:20 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
19237
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700263701.803591,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6618
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
x-content-type-options
nosniff
age
87082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:16:58 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:42:52 GMT
x-content-type-options
nosniff
age
9928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 20:42:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
generic
match.adsrvr.org/track/cmf/ Frame DC04 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
server
Kestrel
content-length
70
content-type
image/gif
56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92
pr-bh.ybp.yahoo.com/sync/taboola/ Frame DC04 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4684:36f0:2036:f07d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame DC04 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2268578495133496&correlator=2853829108302928&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&arp=1&abxe=1&dt=1700263700874&lmt=1700263700&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsmKhOkiHmdhirHtUH7NSeBSljHjWbi8VuwiEFuoXClqC99qXkcDETx7DfS5v2GCKNEIK-uyplaoPIYfxut7fEg&ga_vid=1983550272.1700263699&ga_sid=1700263699&ga_hid=290412771&ga_fc=true&dlt=1700263697876&idt=795&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_15_2%26cluster_reporting%3Dchrome_DESKTOP_15_1_active_2%26ap_refresh_type%3DAV_3%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_3%26ap_fp_engine_type%3DhcFloors_HCAB%26ap_fp_engine_temp%3DhcFloors_HCAB_3%26faid%3Dfalse%26adro%3Dv8_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d10860a476cfe68be0f72d4167cc293d81ed990ac9cdae2d4b1d3217e48ff88e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11639
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
L2EvZ2FuLWRhLWp1ZS16aGFuLTItMGJhbi1iZW4teGlhbi1mZW5nLWNlLXNoaS16aGVuZy1zaGkta2FpLXFpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvZ2FuLWRhLWp1ZS16aGFuLTItMGJhbi1iZW4teGlhbi1mZW5nLWNlLXNoaS16aGVuZy1zaGkta2FpLXFpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 16 Nov 2024 23:28:21 GMT
date
Fri, 17 Nov 2023 23:27:19 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
480_650.mp4
cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/ 		88 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Nov 2023 23:28:21 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
ppub_config
securepubads.g.doubleclick.net/pagead/ 		0
0
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 1CB9 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
246818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A926 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 23:55:30 GMT
setuid
px.ads.linkedin.com/ Frame B622
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP393VEY-13-34K2
0
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP393VEY-13-34K2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FFC32A39C7674A2591EB4C9F11FFFD96 Ref B: ZRHEDGE1214 Ref C: 2023-11-17T23:28:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKYX3zEe7KS7sa2Yit/A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP393VEY-13-34K2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame B622 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:20 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame B622
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=x8nzNW1qQ0OQLAR35Vsl-g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=x8nzNW1qQ0OQLAR35Vsl-g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=x8nzNW1qQ0OQLAR35Vsl-g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R7W65JK2QZ16H6MZG8AG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=x8nzNW1qQ0OQLAR35Vsl-g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B622
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA7N95yhSwVqFyy8Gb_uY9w&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA7N95yhSwVqFyy8Gb_uY9w&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA7N95yhSwVqFyy8Gb_uY9w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B622
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Bd2vmEiIRPGYqHkZbtQLEg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Bd2vmEiIRPGYqHkZbtQLEg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Bd2vmEiIRPGYqHkZbtQLEg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PXHTY2YQWFWBYFTRXPB2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Bd2vmEiIRPGYqHkZbtQLEg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B622
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DGKxtr0nr4ZePCDQ3U826sn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QaYJ4zNE2oJEpJGNxamR.Rozl4KW60r5_UNliw--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QaYJ4zNE2oJEpJGNxamR.Rozl4KW60r5_UNliw--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QaYJ4zNE2oJEpJGNxamR.Rozl4KW60r5_UNliw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame B622
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZmN2U0MTM3MjI0YjJlMzBlY2YzMjA2MTdjYTM3YzQ4MzM5ODBjYQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZmN2U0MTM3MjI0YjJlMzBlY2YzMjA2MTdjYTM3YzQ4MzM5ODBjYQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZmN2U0MTM3MjI0YjJlMzBlY2YzMjA2MTdjYTM3YzQ4MzM5ODBjYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B622
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAzOTNWRVktMTMtMzRLMg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgwm2P1dze4FsPDnYMWknY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzOTNWRVktMTMtMzRLMg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzOTNWRVktMTMtMzRLMg==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzOTNWRVktMTMtMzRLMg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame B622
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP393VEY-13-34K2&ex=d-rubiconproject.com&status=ok
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP393VEY-13-34K2&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AP2ABTF4CQ5YXJPHDZHX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP393VEY-13-34K2&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B622
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADJOU7Kr-4AABUq5wrxPg&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADJOU7Kr-4AABUq5wrxPg&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADJOU7Kr-4AABUq5wrxPg&expires=30
Date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame B622
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LP393VEY-13-34K2&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LP393VEY-13-34K2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LP393VEY-13-34K2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
827bbfe69ea271cb-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 17 Nov 2023 23:28:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP393VEY-13-34K2&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
827bbfe61e4571cb-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
liveCS.php
live.primis.tech/live/ Frame B622
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP393VEY-13-34K2
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP393VEY-13-34K2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
2600:9000:2251:9a00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
TdKasaAdmoBI7DYENpAQsQKltqFw5Zvz96arsBryXWGUUL1PphwhRA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP393VEY-13-34K2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
v1
match.sharethrough.com/sync/ Frame B622
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP393VEY-13-34K2
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP393VEY-13-34K2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
52.59.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-59-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP393VEY-13-34K2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame B622
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP393VEY-13-34K2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP393VEY-13-34K2
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP393VEY-13-34K2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP393VEY-13-34K2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
hb.yahoo.net/ Frame B622
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP393VEY-13-34K2&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP393VEY-13-34K2&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1iWi5JNTRCRTJ1SHhqNzNUMVV5cldFMUE4ZmJVYjJIQ35B&ovsid=LP393VEY-13-34K2&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1iWi5JNTRCRTJ1SHhqNzNUMVV5cldFMUE4ZmJVYjJIQ35B&ovsid=LP393VEY-13-34K2&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
2.21.20.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-146.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Nov 2023 23:28:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 23:28:21 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1iWi5JNTRCRTJ1SHhqNzNUMVV5cldFMUE4ZmJVYjJIQ35B&ovsid=LP393VEY-13-34K2&dpid=58160
date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame B622
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP393VEY-13-34K2
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP393VEY-13-34K2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
an-x-request-uuid
5c3de742-98ca-453f-baa3-136bdc1b5d66
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP393VEY-13-34K2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
container.html
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA7E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:18 GMT
expires
Sat, 16 Nov 2024 23:28:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2Gwk2r4Ar4zIw%2BxUlL34F4IfrfoJUM5S5RzQr6AHqgd8hOU00LT8CQa0egOzENAWEw51DSV%2B4uRl7vIgxQ1coog55pOA6VXqNALxtCfI%2BUe8JxDKHuMMiqxKdyaTDKDE4bMoe9yaxkdhw9VG4sPhil%2FCws%2BvDz28gPBfcokDYXdVYAFMdjeyGVT%2BU...
ad.vidverto.io/delivery/video/pod/ Frame 2344 		53 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/2Gwk2r4Ar4zIw%2BxUlL34F4IfrfoJUM5S5RzQr6AHqgd8hOU00LT8CQa0egOzENAWEw51DSV%2B4uRl7vIgxQ1coog55pOA6VXqNALxtCfI%2BUe8JxDKHuMMiqxKdyaTDKDE4bMoe9yaxkdhw9VG4sPhil%2FCws%2BvDz28gPBfcokDYXdVYAFMdjeyGVT%2BUcCqkQJSiwHcFx99ZKAiIbTeLU06cLK%2BV3%2BOOAr5J2RbSosF0rH7AHrrbEF1DqF%2B4juplKZezidG1HUQSuJldaDQG0GkbCdAkVV4dYQbswtYcOKax8JUxgF%2BbYI9F3g2O22kyhXFiNWli7iVH%2FbBg3mCYistcr11g2Qnw%2Fi9SN0N%2B6BkGLG04WHnavoo9TgilgOeEPl8WWTn5ZR%2F%2F3Lcgjp5eNsjfOokfB9Bda%2FaIpQxQhLAllo9WDbCiiN%2BLqvQACwb7Dpn%2BTBv14FbSYqywfzsu26Ycbs%2FI1V1QEmxwvzmhJbmKZ3oAGcHVW2tqS5Kaf2cxFRgoh22NvEgiejRf8BCc4%2BEBE4AhL7jb6G0gHzll4j3wLs1Xaw%2BFVNyd6CWoQrTqwQIT3NvEGrcElS0Xgc9xCsKXUl2KqbkdE%2FAm6hypKhodAlC6OyXn2728za3ZMHgvNTnF72WFwYKE9dtO1VW1dAs8xfbb07ZLNuo%2BDSTxtkn9z2zpnTET7vrhSkeaLPDfZbO%2BU7cVSlY9Srybe%2F86FPIRVV1aT2X72MuzxRxR%2BDWrgkaVdgOjhWJU9dOWwoS56qbMnb%2FaJfEZpT1dTEuahU0eE96ZjltKWR2syinQ5gyzJpj7i4nhp%2BwoAmPDmHiBQPgCQtsVsXrTMkfIgsj%2BYggkw%3D%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
74335cb189c20907c1aed27f6210eaf255ac150e234cb3a547f12d49922a0a81

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
480_650.mp4
cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/ 		238 KB
239 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16646144-

Response headers

Date
Fri, 17 Nov 2023 23:28:21 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16646144-16890123/16890124
Connection
keep-alive
Content-Length
243980
ppub_config
securepubads.g.doubleclick.net/pagead/ 		305 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2504adf4a61804f414bb67079b74595eb0beaf474c7149dac76a9a3b060b6b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196
x-xss-protection
0
expires
Fri, 17 Nov 2023 23:28:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EAF4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 22:29:13 GMT
expires
Sat, 16 Nov 2024 22:29:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DE9E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dbf5bd3fcea97b51e516a53ffbb0c87a71692b14d6871e6ec2acefbe73a06028
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5l6XqIRScCzKF-R9n3Sipw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5l6XqIRScCzKF-R9n3Sipw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:21 GMT
expires
Fri, 17 Nov 2023 23:28:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame 491E 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWV0Pbo_K31BUCPtOM26L15-sMCBxS8hnhhmWhST8-cvnb0VKSJDiUtdxJniY9rq1ragpkXd0UI11aqq6XnFMn_kfdNSA
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AA7E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA7E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9BqZ1sG7vFn97NnKMggsc6DrX30aGW5_dHBkGN1jpDUgpQE3ze-dg28gCGhLxtFCYY_xhiXt6HahzSTfS0_CytLtTvdddRWSdQm63zTeXAFRdplQ
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA7E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4499885098868246665&x=1&ct=77
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AA7E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 11:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
44844
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:00:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AA7E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 23:16:57 GMT
l
www.google.com/ads/measurement/ Frame AA7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdY9Zku0cWhFsVZZWOMwYY2G3LBdS3pFCTQuohQ-pn2W9DV07PC7LmK9EoVyxNw1TAY9DYNItRVLXyPzDD_WU55El3dg
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AA7E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:21 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1467084
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1700263701.220710,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
46339
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/ 		427 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700123877
date
Fri, 17 Nov 2023 23:28:21 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
TM6A5JR15KMRX4A9
age
139784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700123890
x-amz-meta-mode
33188
content-length
81612
x-amz-id-2
WWxa5Yx6lYIC1hyCK1wBgSijKv3fJvw5DqBFGdy/3sBBnytkWsmbSBGlIc9sKVFHPXnxfssdpCw=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Thu, 16 Nov 2023 08:38:11 GMT
server
AmazonS3-br
x-timer
S1700263701.225735,VS0,VE0
etag
"3d881848170c7ab7d2916771d7b9012f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
206857
sync
am-match.taboola.com/ Frame 45DC 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
593470e06ee3cc3ff7eafa7771990b08d683d88ead09d99dd2575a9571228698

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 23:28:21 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66622845&crid=6926735&dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&cmcv=&pix=31579697&cb=1700263701187&uv=3358&tms=1700263701187&su=3&abt=adxsub-out_vA!adxsub-out_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-length
0
server
nginx
csi
csi.gstatic.com/ Frame 2344 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp393vo8&c=4811963659438&slotId=2405981829719&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 17 Nov 2023 23:28:21 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1054793
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700263701.333449,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
49879
pixel
cm.g.doubleclick.net/ Frame 491E 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWV0Pbo_K31BUCPtOM26L15-sMCBxS8hnhhmWhST8-cvnb0VKSJDiUtdxJniY9rq1ragpkXd0UI11aqq6XnFMn_kfdNSA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 491E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWV0Pbo_K31BUCPtOM26L15-sMCBxS8hnhhmWhST8-cvnb0VKSJDiUtdxJniY9rq1ragpkXd0UI11aqq6XnFMn_kfdNSA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmRZoJW09hYDL873BxViYu6W3V9bSM9jD7iEQUIhPeURrP%2F7avlrHphQStowrrm4vwBuaGdx8T0y3jvFleyaEoSaVNyOF2Rng1bKv2Y1vJQQED6BxW2UG77MaSXzhW06aEtRqMUhidYujQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbfe61e985b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOIwo1sLoNYS1n0zJExvLzIe5ZfD3cmJyY8iSC7AH4Y8HJMQUH1J7gG2NG72miu4Xj7TPPFZLr6HaGA4pdTDYUWRkgVBJOT433wUEoR2GCPmdS1hr%2BxHYmz4rXIa%2F%2FNcNXwQL%2FcdRIwkFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&C=1
cache-control
no-cache
cf-ray
827bbfe5bc021d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 491E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVf3FXv2.3cGhZO-l-xfEwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&google_hm=2
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWV0Pbo_K31BUCPtOM26L15-sMCBxS8hnhhmWhST8-cvnb0VKSJDiUtdxJniY9rq1ragpkXd0UI11aqq6XnFMn_kfdNSA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYsYpwg21XtSQswtZyc29f5OxOfudqGZLsZ2jV7OgT6QBjpqDXkwsb8f7i%2FVlKjD%2By84aevNzexJJ0LjqrdqzmlbM8QgM0zr%2FEnDaIrrDro30FYuMPIILI5w9N%2F9vmAvj2rBU3FBpZDp2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbfe6aecc5b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB9bpfmFYqDWv5O2nIpE6Js&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA7E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7805821863162&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA7E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7805821863162&version=m202309260101&ct=77&x=1&cor=4499885098868246500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AA7E 		21 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMnTf5amq2ioj_X1MzPDBY8wdGhf90pE6_vgfZTZE6rGQe1A9neW2ykVPazkydIem0Qi5gENw2DRyV6H1gu_7quuIRxNUuqsLiu-e_Jxr0dIsgYn4UZ5B505npgo0FSZJkjSSzTA1R5plFqDG_fZQyoEkHTeTcwfh8dGrhodx5S5L3pcg&cry=1&dbm_d=AKAmf-DepntxUWziDs8IZN_JHL8mJe14dW84QiJC3bh7VQFB1RMk66A3tKoQT5iUJjKFaowxVJorVXaqOBgF7-Ly_jZyZTRSSWVAt6gBIbM5Tg_8g8VDR6OEBc2mhuMD05p6ZqeFvxOmvHERH_LZqDkuw_CvNWeEqtoTexWIg75juebUxFcZepHqDHFcREjA5CFsNV7tEKyoMOsvPIjNuowOGihwG6TxNg11EOrtGAAgZtDXbn1bEefPcohC2Y4F-6iP44i3xzKyiYbxr1hX7ZHnWHt6oYv9cXCTfMDAyutT_5PHvuhLbBBksCZZlnrURTLF1nW7UPgGADyyB4SQO2RyacBV920FgUEDHxSIC1jZ47R__79wK9UqE45cmkbUAZp197DzYWZuyZ19ApeYlYDt9rpLFqt8h97errYtaB4mWtO9e_fGrW8rjLuDFHRAxY1fN4HXckZGxAL_82aGaaZ1W1cv2BQRczTeV_UyUNqx1WtdQ7zfHviQTKckBUzO9FxMuC3zn_EZWgqFrow1VxvLFQFEWezlhdkrNr9Ex79-omdIzL7xfyaIAOPP14KeZXF-TG5f_q9MRyZtq_nYH0gD2yfIMlUloqvy2vvbKLyCHhPAz_NQtsqIZ6Y08g6wCdqDw4M6VgH6pUxZN-PGiB07Bpg6wJi0rd-uO3FUoJTXFYASHszRVtdtF_ohIL9mU54H3Ew9QlGHqn6lnly5vA10ZcHbmstkYlOOXukG7Qyf0_pg43DmTccA7ODLViNhz-kDhPC-9tL806LwTw_01F02UJC7ujx3MYoqFg0NK9WpPQr9LZfkWUBwsccaY_iF5449yyWdnHFEtDNRz8sUbZM6JHkJpily9s2QZttwBDQiXeZJNmmecsC7DlYj0hFFe6ea9NFZA9Q5Txge2ad8dOTFwSgGX5inhwd2my6E1h5olKf7kk8tNFRF-GDKM3E0Vag75VLBggzu7U3GfgMPh42DAq72hHv-YGdJ17IXkumbvlLOxDSIUuIoCcfaNKLkE_-vI_cBoibv8l9o6pl15vJ6oNf7GwTBCaRVyR4SN0lbFyM15cdw9yl6G92vxuggM2momVjAk3DaV8vDol1wmxnNUKJzuZh8XOM9qzSyeD48KtdAWSEUD-P926NFp3qZ41s7lLEHxpg1CJYEpF5bHbo8MdO4W-Wyh-kCEoHFuyA4w0-laPlVREYfGjMo5G5qH0aDXZNtJxfVTfmn2okt4up5q0XMbbdrmxv68i4TDlD-gPZoHkO8MdrnueZtleYhYkGRLl_OfydHaiBDeSydzTeMCYm-YF79sBK8Cgx1sisG476dME6e1m8Iy-D_2bhRkbWy24UkWyR5MpbLe0E3f_0ofvcIvJ-_BEKwYOsOs_XitqMIYnukacZ5LpuUdCE8C1alA4ppF7WerS3meJ4xJBMBGLxCi_7y5r_XDwxiho5Wm5wr_RWaklOMM9gKCv5R8UUj_xjyECGIe_QxbmLWLFccBAdj0xznZCfFZypYfc-5fyK4NKDVfDn_7DHQShH49A0f5lrXHMglr9uflw7OiJKn3hNmu5zd7GAO_EUGRjD2V1KOra7SpFVT1Avd2fIT_EMYz5gvV34z_ZkH9cyTWfyLe4KZWrc7fASY2D9D0XLa-1fRGVGLDnn9q2DlLU5quuiCgv-stpkZGUhj4XSpWrdAyNiECKb15B4rlnVJkicxT90mA6Y2bIHpJpT1VXn8dKRlGBW6JrdtWQX_iRWgI-E33kggeGWWm8T88RaTiVJq_5oayTs9-BByUoYSDWkISisTk2Zlwg5st6ntY13R777LMYZUG-ryP5cqVcrKVWzx-NsjvFFDLOpZqJE4f8KwP4GKu3cRymADZ-3t64t8tinkSF0WYi-CK7QNWVXm1ijJpT8yrY94LCLsC-OhjzIkyJVsN_sfWoF-fi5E403smJXJaeAhwdXjfJ2zxKJSJjoKvBdMlu0DMQmnQMgFciVOC3YuOp42_ddNDRyHcF4LJ4uwxsuPMo02njpSecGaJhCL5oIUZyw6nnYkNiSGRQ-ecyx1oonk9aGVkrD08SN2WXHkFgd1iwaCA88mNIGwEat0Fi59sBR7VAj-F34toenY17HI01SO20PgvMMw8Ld5hR-mUIOcMy5qnjPNUmND9bdBNCdxqbk2INJD1JsFjw1pxwMRmkg8Bw4Xg77FiBfjUJ8mOTPJqEAIimMofPQNPZ0AHA_EYkRw7WQr1vPjuzy2eoAaMjsJ7cFiQE8-Ml-LaaJ8irEptpdeCwN3yWD3CS3jf8C4Eq7z8YD5UIVfOKJQhntk98tEjYq8UiFyW4dMGK_vQlor-tAMVwWr_gQjwCU9xuMVlh_owZxZKeFlI7TNg_t0zcW0YdyfA_Y2B6YgotTTz82N7qwwHCT52inK0Jb44vxXG5Gc48w8dZP4xhU9FJ_KPalzAoXy5YjwPnYsZ_8F2sHF_UeSPk43cpyypavYxG0Tw0xQwLYNLS31XEW2x68L6R5BV3UiFLMhX8qY3mFerX8Y1lIR1J_a4GfHzANAy1Jph5W0EtwB9xrTh3ZLHkjxYUb7Zwn1owMS1qcnZruyFENLkuaPbaW3zCiYXLAoTbDVMRROWpmKpS2SyQ7LuxYUPuB4b1k3EG-jaSM2n6LUWAR_53fEuGMd9AOC2wUbR71vvsatSBxUCuhvo0g3RMDhP33rYvHQhDiWMLjkumDC_0kLlT9kFpFWjgPKhI48BZw-lhgiDTW8iJe4C3rX1tjAeofaGZARQoKnyFFN58AfFGHwfH8MHJZjUSN8wASk5nFSo_Ol1l-rsshlm89DT8pwwvg9l6iYgyo5Kf5oATGZ4SdvPSGmVevXtm3cUBR2p482E0GhaD-jVAAxvXAGsI0gW20vVArX1qC72VRUjTAkKGBdxyvEKthrYkkLp2rPiS_iu8wYoIJZl_zNVd5WKfNhOABz7tWzWFyTDD1VTNi2h-QrANo4bQuhHbjLdsmvZ0d4XIfKCan4xk_gNu4wWvE_GHIUS6l9lsjlngA-W99Stm5JMolWM37IMVR6pr-_Z-Y9rkbQRXYHyRQbRnE9_4-XHa-mFsUSGGG3c74ijMvTfHUCFsfxmXCfoMgQcF-2LcGAsDaL8D1kY6hEL1knctCEJ9dYphcbKig3-rcsk13uA5xyste_taWfKApXANZKS7D45NkoCf_tle6i-ux6E4zpTbq9PCY9rxLmeJInzkCRunSpAaNxW5tNbteTXIlkJuFZ44DNkoS9JNWHS1Xie7dmAlpcRvrfr0V9qRKCCOHpQf4nSMqCQp0L7RrBOj30QM_45uk5sXerV3M5-j60LDwZ5sxAJIzkVsfkwndkI8S7t0UdDHQh13r9-zjXCr7ADpKY5F_K6X-B1fjZ24APEGxRGaJE_lkotk6WzoCi3O5jvNkEOf61H1rJCZUdak7xRsku1rO_Tsr2MIq0x-oDWiS6JZ8WUhu33fmOaAD-fXlqZE3paRH3w4T8o1QkdGEG-dgpRI8k_1_05_w4ZkaugEM7H9jrPIMxJCQ2LAUgVU3b-4E6K9ITbqVr5S0XsvNWk9ZGCTLmMqbsq_LpE9c5jxd2vsTnXXvNAFj4P8j77ld5-3AkW5N1NSsx7HmDMpVDOo7mzBfQRBbXBiPS2wNJIGRcREYdjrVRP0BBdLkK3tJGiuZY5v0wQPUQn3UjSL8wU9pc2IAa0gvBtLvz1pR38x1EXd_gJcL93XUryQgCXgAUgLRUl2zj3aoWgCnIHIEy73q983992w62qcXhVol1ei0DQv55oL9xwsloZ0HO463cOWGSssj04F1gXYOHjdZ--a0sy0ONLnIpfvyRUdtB9_4CiVyY7YT-RvjGLXgUdqUQrDuKC29iX60MBAJJ2cr0gCsaihrwHZ69I4EAHY1fm8SavAKMVRqRXcU7oKpcpxndBeJbR9NKdk3pJMqY5bn3PB1iRFaVrtVtS_4C3KW1YLgPVbYcpt9nyRM-ypaUlvdXTwOyOvJ9Oc2rTSYBTtcCb9d-zY32kvCmIAO1cHonIZoFjaGG9peX-WhFhHIi5V_AFehpxkGuShfylTw8-XQovC6fh7InQCj2v_ySaeM8BZwXbkj-zWtDTuRdBq-WiKuWzm_AscH92Q&cid=CAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4499885098868246500&adk=2004672170&idt=123&cac=0&dtd=74
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ed2400cad64ef834f7c172072c549314d481a38414366db161c178b210d6592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 45DC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 45DC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-7Q2VkYhE2oQwr3B1njXypJJ7oRABNgB66XRn9g--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-7Q2VkYhE2oQwr3B1njXypJJ7oRABNgB66XRn9g--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
36626

Redirect headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-7Q2VkYhE2oQwr3B1njXypJJ7oRABNgB66XRn9g--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 45DC 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
container.html
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:18 GMT
expires
Sat, 16 Nov 2024 23:28:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b73f7b0585d2042850242622420ff3c996ff9a0a1fa5e37fc7d1842ee99611d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91854
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 23:28:21 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:c5b4:8cba:7a26:df2a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
/
adx3.adform.net/adx/ Frame 2344 		65 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 2344 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3930637283086977&ppid=3e6dc184-c3ac-42f1-802e-bca5e8773876&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=D02E4035-FF16-42DD-B91E-8739613B52BD&nel=0&eid=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263701487&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=62049649981992&ged=ve4_td3_tt0_pd3_la3000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 2344 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3930637283086977&cust_params=mt_fln%3D1.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=D02E4035-FF16-42DD-B91E-8739613B52BD&nel=0&eid=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263701499&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=62049649981992&ged=ve4_td3_tt0_pd3_la3000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 2344 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3930637283086977&cust_params=mt_fln%3D1.3&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=D02E4035-FF16-42DD-B91E-8739613B52BD&nel=0&eid=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263701506&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=62049649981992&ged=ve4_td3_tt0_pd3_la3000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2344 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3930637283086977&ppid=3e6dc184-c3ac-42f1-802e-bca5e8773876&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=D02E4035-FF16-42DD-B91E-8739613B52BD&nel=0&eid=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263701508&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=62049649981992&ged=ve4_td3_tt0_pd3_la3000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2344 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3930637283086977&ppid=3e6dc184-c3ac-42f1-802e-bca5e8773876&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=D02E4035-FF16-42DD-B91E-8739613B52BD&nel=0&eid=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263701511&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=62049649981992&ged=ve4_td3_tt0_pd3_la3000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 2344 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3930637283086977&cust_params=mt_fln%3D0.8&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=D02E4035-FF16-42DD-B91E-8739613B52BD&nel=0&eid=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263701514&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=62049649981992&ged=ve4_td3_tt0_pd3_la3000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 2344 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3930637283086977&cust_params=target%3D0.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=D02E4035-FF16-42DD-B91E-8739613B52BD&nel=0&eid=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263701517&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=62049649981992&ged=ve4_td3_tt0_pd3_la3000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 73A5 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 15:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
27412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 15:51:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 73A5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
76256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 02:17:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 73A5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 11:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
44844
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:00:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 73A5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 23:16:57 GMT
l
www.google.com/ads/measurement/ Frame 73A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfQAvDvvCB6rhkGtHOHYV-wGOHm6cnGZKZ1ZDfg3f1XvrJhwYtLaBGWSLc5U08cJDzY-J_zE4ujtCJ3RsfJQiarEJh4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 73A5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:21 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 73A5 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:24:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DE9E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3634275245084312&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA13 		611 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNV76Er58snaS69f70Y5LC7kDRq2f7nNo5GsQVoXErHcct0TBveTDv05G4igKBNvTsYA6XTrRSm-6OtrGzyxJQ_vCM5O-A
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F8BC 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8BC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTh8YSDvzQUaNuy5SvFwS5-umA6ljvI7FDS5MsBbO0jM6GyMiXAWkMr_ZmMPUJoaiMVznxHecqjMkX9BRKXd--SVjOH_KywlTh3gjQ5MVFxM8go-k
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8BC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4735922097654296733&x=1&ct=76
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F8BC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 11:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
44844
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:00:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F8BC 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 23:16:57 GMT
l
www.google.com/ads/measurement/ Frame F8BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiRaVC0dwz3coRXMYUbv1WaJnFsCvgshkeaf-wkalc5jm4vD9Ad_itSZOab74zvH3JqOfdBvrC3KSR1njMf_ig1iWfpQ
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F8BC 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:28:21 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AA7E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMnTf5amq2ioj_X1MzPDBY8wdGhf90pE6_vgfZTZE6rGQe1A9neW2ykVPazkydIem0Qi5gENw2DRyV6H1gu_7quuIRxNUuqsLiu-e_Jxr0dIsgYn4UZ5B505npgo0FSZJkjSSzTA1R5plFqDG_fZQyoEkHTeTcwfh8dGrhodx5S5L3pcg&cry=1&dbm_d=AKAmf-DepntxUWziDs8IZN_JHL8mJe14dW84QiJC3bh7VQFB1RMk66A3tKoQT5iUJjKFaowxVJorVXaqOBgF7-Ly_jZyZTRSSWVAt6gBIbM5Tg_8g8VDR6OEBc2mhuMD05p6ZqeFvxOmvHERH_LZqDkuw_CvNWeEqtoTexWIg75juebUxFcZepHqDHFcREjA5CFsNV7tEKyoMOsvPIjNuowOGihwG6TxNg11EOrtGAAgZtDXbn1bEefPcohC2Y4F-6iP44i3xzKyiYbxr1hX7ZHnWHt6oYv9cXCTfMDAyutT_5PHvuhLbBBksCZZlnrURTLF1nW7UPgGADyyB4SQO2RyacBV920FgUEDHxSIC1jZ47R__79wK9UqE45cmkbUAZp197DzYWZuyZ19ApeYlYDt9rpLFqt8h97errYtaB4mWtO9e_fGrW8rjLuDFHRAxY1fN4HXckZGxAL_82aGaaZ1W1cv2BQRczTeV_UyUNqx1WtdQ7zfHviQTKckBUzO9FxMuC3zn_EZWgqFrow1VxvLFQFEWezlhdkrNr9Ex79-omdIzL7xfyaIAOPP14KeZXF-TG5f_q9MRyZtq_nYH0gD2yfIMlUloqvy2vvbKLyCHhPAz_NQtsqIZ6Y08g6wCdqDw4M6VgH6pUxZN-PGiB07Bpg6wJi0rd-uO3FUoJTXFYASHszRVtdtF_ohIL9mU54H3Ew9QlGHqn6lnly5vA10ZcHbmstkYlOOXukG7Qyf0_pg43DmTccA7ODLViNhz-kDhPC-9tL806LwTw_01F02UJC7ujx3MYoqFg0NK9WpPQr9LZfkWUBwsccaY_iF5449yyWdnHFEtDNRz8sUbZM6JHkJpily9s2QZttwBDQiXeZJNmmecsC7DlYj0hFFe6ea9NFZA9Q5Txge2ad8dOTFwSgGX5inhwd2my6E1h5olKf7kk8tNFRF-GDKM3E0Vag75VLBggzu7U3GfgMPh42DAq72hHv-YGdJ17IXkumbvlLOxDSIUuIoCcfaNKLkE_-vI_cBoibv8l9o6pl15vJ6oNf7GwTBCaRVyR4SN0lbFyM15cdw9yl6G92vxuggM2momVjAk3DaV8vDol1wmxnNUKJzuZh8XOM9qzSyeD48KtdAWSEUD-P926NFp3qZ41s7lLEHxpg1CJYEpF5bHbo8MdO4W-Wyh-kCEoHFuyA4w0-laPlVREYfGjMo5G5qH0aDXZNtJxfVTfmn2okt4up5q0XMbbdrmxv68i4TDlD-gPZoHkO8MdrnueZtleYhYkGRLl_OfydHaiBDeSydzTeMCYm-YF79sBK8Cgx1sisG476dME6e1m8Iy-D_2bhRkbWy24UkWyR5MpbLe0E3f_0ofvcIvJ-_BEKwYOsOs_XitqMIYnukacZ5LpuUdCE8C1alA4ppF7WerS3meJ4xJBMBGLxCi_7y5r_XDwxiho5Wm5wr_RWaklOMM9gKCv5R8UUj_xjyECGIe_QxbmLWLFccBAdj0xznZCfFZypYfc-5fyK4NKDVfDn_7DHQShH49A0f5lrXHMglr9uflw7OiJKn3hNmu5zd7GAO_EUGRjD2V1KOra7SpFVT1Avd2fIT_EMYz5gvV34z_ZkH9cyTWfyLe4KZWrc7fASY2D9D0XLa-1fRGVGLDnn9q2DlLU5quuiCgv-stpkZGUhj4XSpWrdAyNiECKb15B4rlnVJkicxT90mA6Y2bIHpJpT1VXn8dKRlGBW6JrdtWQX_iRWgI-E33kggeGWWm8T88RaTiVJq_5oayTs9-BByUoYSDWkISisTk2Zlwg5st6ntY13R777LMYZUG-ryP5cqVcrKVWzx-NsjvFFDLOpZqJE4f8KwP4GKu3cRymADZ-3t64t8tinkSF0WYi-CK7QNWVXm1ijJpT8yrY94LCLsC-OhjzIkyJVsN_sfWoF-fi5E403smJXJaeAhwdXjfJ2zxKJSJjoKvBdMlu0DMQmnQMgFciVOC3YuOp42_ddNDRyHcF4LJ4uwxsuPMo02njpSecGaJhCL5oIUZyw6nnYkNiSGRQ-ecyx1oonk9aGVkrD08SN2WXHkFgd1iwaCA88mNIGwEat0Fi59sBR7VAj-F34toenY17HI01SO20PgvMMw8Ld5hR-mUIOcMy5qnjPNUmND9bdBNCdxqbk2INJD1JsFjw1pxwMRmkg8Bw4Xg77FiBfjUJ8mOTPJqEAIimMofPQNPZ0AHA_EYkRw7WQr1vPjuzy2eoAaMjsJ7cFiQE8-Ml-LaaJ8irEptpdeCwN3yWD3CS3jf8C4Eq7z8YD5UIVfOKJQhntk98tEjYq8UiFyW4dMGK_vQlor-tAMVwWr_gQjwCU9xuMVlh_owZxZKeFlI7TNg_t0zcW0YdyfA_Y2B6YgotTTz82N7qwwHCT52inK0Jb44vxXG5Gc48w8dZP4xhU9FJ_KPalzAoXy5YjwPnYsZ_8F2sHF_UeSPk43cpyypavYxG0Tw0xQwLYNLS31XEW2x68L6R5BV3UiFLMhX8qY3mFerX8Y1lIR1J_a4GfHzANAy1Jph5W0EtwB9xrTh3ZLHkjxYUb7Zwn1owMS1qcnZruyFENLkuaPbaW3zCiYXLAoTbDVMRROWpmKpS2SyQ7LuxYUPuB4b1k3EG-jaSM2n6LUWAR_53fEuGMd9AOC2wUbR71vvsatSBxUCuhvo0g3RMDhP33rYvHQhDiWMLjkumDC_0kLlT9kFpFWjgPKhI48BZw-lhgiDTW8iJe4C3rX1tjAeofaGZARQoKnyFFN58AfFGHwfH8MHJZjUSN8wASk5nFSo_Ol1l-rsshlm89DT8pwwvg9l6iYgyo5Kf5oATGZ4SdvPSGmVevXtm3cUBR2p482E0GhaD-jVAAxvXAGsI0gW20vVArX1qC72VRUjTAkKGBdxyvEKthrYkkLp2rPiS_iu8wYoIJZl_zNVd5WKfNhOABz7tWzWFyTDD1VTNi2h-QrANo4bQuhHbjLdsmvZ0d4XIfKCan4xk_gNu4wWvE_GHIUS6l9lsjlngA-W99Stm5JMolWM37IMVR6pr-_Z-Y9rkbQRXYHyRQbRnE9_4-XHa-mFsUSGGG3c74ijMvTfHUCFsfxmXCfoMgQcF-2LcGAsDaL8D1kY6hEL1knctCEJ9dYphcbKig3-rcsk13uA5xyste_taWfKApXANZKS7D45NkoCf_tle6i-ux6E4zpTbq9PCY9rxLmeJInzkCRunSpAaNxW5tNbteTXIlkJuFZ44DNkoS9JNWHS1Xie7dmAlpcRvrfr0V9qRKCCOHpQf4nSMqCQp0L7RrBOj30QM_45uk5sXerV3M5-j60LDwZ5sxAJIzkVsfkwndkI8S7t0UdDHQh13r9-zjXCr7ADpKY5F_K6X-B1fjZ24APEGxRGaJE_lkotk6WzoCi3O5jvNkEOf61H1rJCZUdak7xRsku1rO_Tsr2MIq0x-oDWiS6JZ8WUhu33fmOaAD-fXlqZE3paRH3w4T8o1QkdGEG-dgpRI8k_1_05_w4ZkaugEM7H9jrPIMxJCQ2LAUgVU3b-4E6K9ITbqVr5S0XsvNWk9ZGCTLmMqbsq_LpE9c5jxd2vsTnXXvNAFj4P8j77ld5-3AkW5N1NSsx7HmDMpVDOo7mzBfQRBbXBiPS2wNJIGRcREYdjrVRP0BBdLkK3tJGiuZY5v0wQPUQn3UjSL8wU9pc2IAa0gvBtLvz1pR38x1EXd_gJcL93XUryQgCXgAUgLRUl2zj3aoWgCnIHIEy73q983992w62qcXhVol1ei0DQv55oL9xwsloZ0HO463cOWGSssj04F1gXYOHjdZ--a0sy0ONLnIpfvyRUdtB9_4CiVyY7YT-RvjGLXgUdqUQrDuKC29iX60MBAJJ2cr0gCsaihrwHZ69I4EAHY1fm8SavAKMVRqRXcU7oKpcpxndBeJbR9NKdk3pJMqY5bn3PB1iRFaVrtVtS_4C3KW1YLgPVbYcpt9nyRM-ypaUlvdXTwOyOvJ9Oc2rTSYBTtcCb9d-zY32kvCmIAO1cHonIZoFjaGG9peX-WhFhHIi5V_AFehpxkGuShfylTw8-XQovC6fh7InQCj2v_ySaeM8BZwXbkj-zWtDTuRdBq-WiKuWzm_AscH92Q&cid=CAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4499885098868246500&adk=2004672170&idt=123&cac=0&dtd=74
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
19393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDI2MzcwMTQ2OTIwMQogIHNlcnZlcl9pcDogMTM1MzkyNDgwCiAgcHJvY2Vzc19pZDogMzcyNTU4MDMzOAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame AA7E 		0
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDI2MzcwMTQ2OTIwMQogIHNlcnZlcl9pcDogMTM1MzkyNDgwCiAgcHJvY2Vzc19pZDogMzcyNTU4MDMzOAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyNTI1MTg2MzQ5NjA3ODA1MzM1CmRlYnVnX2tleTogNTQ2OTYyNjgyMzkwMTAzODA4MgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMTciCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE0OTUxMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjI2NzkwMjA5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE1Mzc2NTM1CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x5e5b09cb561a004f0000000000000000","13":"0xcdd198c6cac28eb30000000000000000","14":"0x3e4d0f3d7697134a0000000000000000","15":"0xffb6c7f24e85850c0000000000000000"},"debug_key":"5469626823901038082","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"2525186349607805335"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame EC89 		724 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1550967&cb=18784303454&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.11 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p011.net133186012.broadline.ne.jp
Software
/
Resource Hash
f37bbc7351a147c46e39abbc29083386e848eb80396410db8bf3257732926c5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame EC89 		633 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/550/967/a1550967.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=14400
content-length
445
expires
Sat, 18 Nov 2023 03:28:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0F4C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
50586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 09:25:15 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 09:25:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2807012581319857726
tpc.googlesyndication.com/daca_images/simgad/ Frame 73A5 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2807012581319857726?w=600&h=500&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f02440a5873adfe5e342a770c2f2b17479d8fad97eacd09ba09714df6548b51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55838
x-xss-protection
0
last-modified
Mon, 08 May 2023 19:22:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Nov 2023 23:28:21 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame EAF4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
50609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 09:24:52 GMT
so0m3m0ljrhx
hal9000.redintelligence.net/zone/ Frame AA7E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/so0m3m0ljrhx?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6pZEFPdXZa_XIsqwjuwPh4KTwAuRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAgB3GZzURLI-qAMByAObBKoElQJP0MuAmbni0qRdAl2GQ15mfJqI8jBT1EXLmBaN8QGTUSyxI2DIL1LWDQlRV3ErfFUQN2xZhcZcYjfHpd02WbYpYVcgxVa_h3w9SzfyL5M-jaer2oq7oE4trf7asYFUPk2cylZiVItmQl-50fmEMzQCfc_KeY6ZkT0MYqDWMVjGDLnhUTl_UskokwgmgjiVCGJiya8Y7YsC7x_tznb6L_IMT7liQArEj7nLjzgQAodvL-ez8eSZ6BOubOUQryLo4rG2VX5RxTxrCxgoYilh5v9iF5TfVwPvQ8HJADU9BGw2hW3HmjOxpzL-yoqZHv3xYcMeQ2i2fjdoUdGMsigM7326qt8ogxzdcIgMoah1TwNF_nBjkP_2wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjSmpXvl8yCAxVKmIMHHQfBBLiwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE%26sig%3DAOD64_3xDkeHHdnKrkP34zL7BjtLu2G2pw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CdRn7msXOEYnftea3QbCUVnoG3r-rQc2EDLIbEfzrNWh9FW93SCO7y_M-9TZQoXl6kiyPsHiHLGx_0wTXvLuNxNmZV3ckUXPRwffhLq49Qw9sRXxzSgu1t_WbKYlENTu5AlpldCPsZf--1L7-7XHqj3E_DtXCB_i03u_8EIYlvip9f7gI%26cry%3D1%26dbm_d%3DAKAmf-B8_CuodcRBauxTE69TYKyNvCJmF4Eq6_zinXqVVdmO9XEpu2KCO9bgga3KZmrhlNus8j0iwaOy88htQ6F1H0ERMIbaW46ZqaCn61mI6SmDiTFCiYfiwA9Sls60SL-MTAsDtw4CP9ymZbhcKNakahRHgr8a9E0wgzby-qS5fif0lyHWBS61bWogaN6XXCKm3tz2HHSulzU1Ltcxzb3NJyDfI-nByTKDBBCgkxklffCK1TiSg2zoSeaKmcQL9LzCK2ck5lz8wZJXwXpqunIN8CYWCK_w8cBuJsKt4MpYYQE44VEsG6NN6xuX2nghb3WV1UfUcEJZLaE7AUE35o06PvT7PZl_PfRgVQrqqAcsDtdjvNDdNT3r-Kw4BkERKzatsVuLN83hdOmTp6KeIRRVoiTo3rYg2PTxZjCeJVpWwmF42oH0grM32tvnuTSxeaJTcxsvz4XKPnusBocjPDd9Pq5ZqXtVoCmVegdflj4nhoRPSbRYZrZMqfX59OfejAEVW-5Wcir3LoWHsK8SqlZOEPrTq0dyhhiUTkKCMUSv200XjH5KV9PJ9qYQlgdo9X3emWShRzuBjnQ5Zo8pRFy64nCbLs9mL0ZYMOcrowfvFRCfKr1ckfbytQxiMQpdKfOJWBHa_rdB%26adurl%3D
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
f74a63a9271ef4e3636372bba5b8dfd7c24f4b1276f6d517550ba5f4794a5d41

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:21 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4292
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700263698186&gcd=11l1l1l1l1&dma=0&cid=1983550272.1700263699&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700263701&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=%E3%80%8A%E6%95%A2%E9%81%94%E6%B1%BA%E6%88%B0%E3%80%8B2.0%E7%89%88%E6%9C%AC%E5%85%88%E9%8B%92%E6%B8%AC%E8%A9%A6%E6%AD%A3%E5%BC%8F%E9%96%8B%E5%95%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=5038
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame EA13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJcWd79BewZmjR1xvJaVtDM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcWd79BewZmjR1xvJaVtDM%26google_cver%3D1
43 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcWd79BewZmjR1xvJaVtDM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNV76Er58snaS69f70Y5LC7kDRq2f7nNo5GsQVoXErHcct0TBveTDv05G4igKBNvTsYA6XTrRSm-6OtrGzyxJQ_vCM5O-A
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
an-x-request-uuid
38a1f6e9-85d9-4b29-98ba-1510c5bd65a3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
an-x-request-uuid
d8fa2e83-3ede-47a2-b386-90b77d8970a3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcWd79BewZmjR1xvJaVtDM%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA13
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAxMTQyNDIzNTY4NjAxNjA4MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAxMTQyNDIzNTY4NjAxNjA4MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNV76Er58snaS69f70Y5LC7kDRq2f7nNo5GsQVoXErHcct0TBveTDv05G4igKBNvTsYA6XTrRSm-6OtrGzyxJQ_vCM5O-A
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
an-x-request-uuid
36c7b318-ebf7-4b30-8017-9ea3577fb646
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAxMTQyNDIzNTY4NjAxNjA4MQ%3D%3D
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EA13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNV76Er58snaS69f70Y5LC7kDRq2f7nNo5GsQVoXErHcct0TBveTDv05G4igKBNvTsYA6XTrRSm-6OtrGzyxJQ_vCM5O-A
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
date
Fri, 17 Nov 2023 23:28:21 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame EA13
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY1Y2U1NmEtZmMxNC0yMjNhLWY2M2ItNTQ2M2RmYWZkN2E5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY1Y2U1NmEtZmMxNC0yMjNhLWY2M2ItNTQ2M2RmYWZkN2E5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJm3nv0BMAE&v=APEucNV76Er58snaS69f70Y5LC7kDRq2f7nNo5GsQVoXErHcct0TBveTDv05G4igKBNvTsYA6XTrRSm-6OtrGzyxJQ_vCM5O-A
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY1Y2U1NmEtZmMxNC0yMjNhLWY2M2ItNTQ2M2RmYWZkN2E5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=671176202785&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8BC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=671176202785&version=m202309260101&ct=76&x=1&cor=4735922097654297000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F8BC 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ0dopTW99RVXMkwGyPRforKeqonl14px6BUuJcPK6ekP52coiAfPWsG9679pYnsS1SH3H-yrMKb_N0f5vnsEXB-dJxWNMX-nV4wQjYcOTSAoAm_z2P9GYHJPFKYfSv2B1KISoV11CDIsvqp1D0-Y3UqNRRK-cYOMK3haGidZfmGuJyvw&dbm_d=AKAmf-BV_DTI5uh_xLH2-5ks_tnYCpdkHE2YKGv2gSD8mLdQt2_awENI5mOlDvJtAmzn_wsMb7t4Mb38fxPGyCo2aItHWAoVVBZiJqLyoSNsdI5GbcPCS2tJUEedy8Hxkqm0kVwwy9ZzDsxVdS8lzkIyFAkO3beJq_2PVusy5xOY5ucp6p6_nDOt4RH1oZfTstzj4LYCSar9hljxMdtuyt5BDUuF4-97gyk7jweKj7-EfvNVGDtUirYWQ2lodIet87nnGTZbPZO-RGB-pPQUl__u-qswYYx_rx75u-CYSpKwUJAP3_2GsJwCitRZV4pQDMHMbQWetHBvxM3RtBofhSp5HNYxlk9sOBmWyE3JUfxSE9u9la90S2W5Z83ujD-nguZF1aftBD08bV9xXFymhtQxT27oGOujsxIrcjdD7S4-eVrfcOVq7NdaxB0mgMlXVjrMXjJTVTaZ8rwV9K3BiEdkTQs6GtL9dbXZSJnjMUmjBWpiSJXys7YWC_Kw2AZ6jxUWPSh2EtKmpPECjoqsRA0cSEf0hHAagLZseY6mRDHXCQZgTs_xqocngGizjKOuA0ziO0T4fhM1Ox0K0k3d2fncPGni-iW-tSPkxxMIDEnw_0lO7SRa195UFm5eTIWlBwaIucD8iblMa-KXPlWN0aqrNyXkeWis89SJ3B2EE3fHLkbiZgcvl-5HwrQWg6EAOyeA6tPwGhEfTtZBw-S-U-QhenRCZyrIER2exc7yjYYiH66k-2ehBNp9J360CeLOBzsFLZVAhVoXER51760CyB7VmzZdIa-fUtqS9hdatvur-BKT0nP39_oCkTiFthBsz7tIQ4UhfFI28UBg6rPjKezs6-9up_4Qv0vrerbKYMLrLPYrjqDk8MmaXYOzgimrmRZ3TeevMxxpy_uOEjp4pIVazWIC-4rBfJIshIzbEI7rWfDzUC5jCD4lYSTm-VQesRK9cCYMnyzexm3d3gRFSR_bWYYHUrBCUGYAL9N1eSsbpyKkPBTg90RGjGzIZlgTfw6f3dguEIY3KkTcUo8Z0p6kqGhWez_w4dLSplvhTmNgVoyhfYBVwXS6mFvhXz-bbOem5aJVR86V7KX7OM9UrFNGi34gEpfSUOkFuAl9PhJIIDLb1cSzsUH-tMphC5TDcBjTeT20M-J91Ekekv6_EN9-8RkdgzA2W7jrqVYiyBmwa3e718puzYjK6iTUAk0UEIyOmB9Kg1qy5Zp7BFnmbBaXv46kZ47ZPBYJkCdMsU6kBScU61ACvFFCTu0hxyzZJRpqkGtaB-u9K_PsX20IE8D9pUhYdtrWfy6__ag4vr1UhEP7fhIStB1dNmJAyrSc8BVw-qOQ0JLzj-rfwAP7tH4hU3wMK2f8ARMHEKQHg4FJLn4cCYNMvY0sscKSGoemrAgiWCKU6uFsweRO2Y-vdmUrwQENaNFD6CQPDE8fe0wH27jo9zZpDb8y0GQX-4ptfEEpDGJDjfy4o337bpwUVvoAE7f_PXjDR0h1qEQHdEJBaa9zC_0GzErnH4B9R_nMF-FtMnxFwUVVQvn0FoK0yRpuo06nMLKYIoA5JMGx828qzbOQU3OIy7gg7o-tTKjvskbJ6S8xc5GbpIQEb3WC-oWBr3LC5OyRLQW5P9QiVh67rE4Ukt9fKhFSYgPuV6ZRzxPQtd4KxAiYXOvUHfArAlxGOwCcC_fZ1BJyO9zZPSq_8GlXe8z96Yc07rhoFgc0u5mO0VUK7tSYJ6J7rkmk1ea665kSJIyIr7tkpFouMiRHAsBiS2Hs1G1AzGULKtQkKJqlBv2mOJosa4h6exIkhxPx67g6ldblTargaBlFGA0hc823McIYYax9whBdFyJVUDJosnQMAI6jJ3CP1xw4VjcdV4I3LExkhmdzA6UOX6LXPcmpcAOjniHUIl_PFFCJbprdMQ4ANtTjUXHEoND7Muqu9hhaosWApyH6MfT5Zt0Fik5PjsSdz95L9bCYHrlgONHZbNMgTQEN7q_kfxPKrl4-042H_-aTF311KQ5RxYrWbz3Gd344beXWtMzOo6HIvssUNiXJ6mZcdoVjtC8sm0kox5aP2TUHexthcIYFlswyZZCtYk4SGBqFF7ZkH9_NoOg60w0CcNfC-jA2UKXVfhf3flqE9G1zIWpua4qrtr00ejWVAmV-uzWpqX-QUmxu-uM6DBcRUa96UBmmqiBvNAo1_TVGo82WvuITGZtMGbnKDEeZ655CZp_t1ICkbVLW4wix2OEI6zqENhXbCN7d4miMkA6nTR69tovqvfda4lPO6QwSyKkheC7ag6LedJaEBM2ti0JVPSCRkNvzGRMWZtMGUac5k-hbtSjdcF4ggM2bcGYMlw1MfoUXzhPJG9YvJeglAktJ5TqNy6fxFv99Me-9pOUBeRI6nu9LKP1C3a21Yay7Ft0NdTZPPko-Pq4h4I4Tp2mcRmkcden0pD8CT3-yD_tc8gN4yBU9-nogBojCa3oPCMLi7F5K75dJhvCkDlnL2mn-EdKR6zXZqkMKbBKlimTwVkAtZ9vxI-VqGToBDb14fgZ3ZIW54PI1FOFXMAiG9wd3Cy2ByxCz5joW3S4c1OEH8Qmzp8r8Z95HVcyYd9FzHrx-QRboLeob1T_ULitNOeTuZAZOY0ErKx54q2Ss6A5O75npwl43UwCkUsCfHW1Pd7IUPljrb3zEXSmN5QO8DGzkLSrxgZ2nZmiXzck5tjvrv-8Lkk4BKPQJ37xRWKZCs9qt8kQE_zJz-C_z5nd0OBc7DWeZBlPg8tftQjmsZokRSWgwgnMXmvCsI-GwFQymQ-zXbHz7BkW2aTw0yV9Myx-e4kw1tmTxSXGJLobuVFzR0HEvVOdpAfouuep67FPBNPmi7RNH01ybw1Ac1GbyB-cPoauDC3zaNmRJdj4346B7i0oPnbIVc9dXnbQ6JAQiltrzzTr6zmMEElsBMIu_aGdIbaeb3KrlhwAr6YBIDJiUO799W9wB7-8gsrH2Nm3qd_r8OAFzHFdgbzbhVs4TeGAc2TE7B2Ooj9lQTc9DqyapJe4pfvrzSyV-e-TqhSlxIWqM_jlbhRgJ6-b57N-daSHB9kQkD6j66bkUXbqTNw1iXNvYzxLDW0-Of_44ixfa-2mUmDOwiYUUAr2pouzzowzU36VUta7h8oKyQlHwrVYCX8RHA_QQ5AfdHo30Lr6YAdXIlBiRy53qStrcpsbIfQjXKgRIRZXwjVmTPflkaGAmisCMn-APe5YZDMEPu5SthEt_cEf-V7LRpmvd-T3amGixK9YsIAwUA7IYIaEaGHX2YUHZOPGh8pV1jbIorRj3thZdkv_VKThtmMTIg5eRRDQAx97t-lZxmM4SUHzr9H6iql497uKg45i6ZIEV1NIzH4_4gYglDoX7CoMOnUE8FGxTZz36VlE253ClOghqK_8eU4Zs0qF5J_vX1jiQl_OgGVFZO789bs9aeUr8v1HxqQGr8bBqwRuyGDOSmGp0d5jc4bh4wEIuBsBT2_oaaKNDnChrY-82Y02GGQXJDZyBe4Q6_RJMmqhBY-N0-Vy4Vf8auUNH82WJ5t8jxlZNVvqZstRD3JGaYnz3nKbfGxoq2wUZ4Dk5wEN0nsV2d9ZfZnbT0-UDyHxy8Sz0OsQRKgkwcomI3eXJFe6yGKTGBA5hSLMd7KgNP-xgXdHxLucMx4n306n-iZ5nNBLLg4HZERxiWlOzLxXEogFtalE6Vo2n5RD6SOqL9-EBEc7dj4UrRaprnfBpWQfOEb2kNOXMM0CmV2HbyeXfj4Imrj5qUHwbbFORNo5ixOLC83KWHJD_aO88SEcCUDgin-a5YUz4UrKGZkqrq0xKbGoUggA5wm9PLJFnoqHh4UsADKwu9CgeXEWpD5TvHQv1dMMGNR86CCcNFQ4EA_XwpVp6Qhg4E58ZGX-cN1ezf_4EZxiBOygkRzES_Hw3n4Mr0VfwKpIAnGrea9NH_yYCejWjZs6DZQQsw_irMkFe2Qkr3gpdF0tp4UYPWcUS42RGt7U4ARmPjadiMWwFi6LSw9hfzq5nrOHuCiUmv5v2rKw2BaUiCP6vKLNAG52GOgo8M722xn_yOkOEZW7RhFM&cid=CAQSOwDICaaNenLNWjULoOSx9ZfWg57BNHcFaVU6RfXQUVw_cEdSNFn428AXA_X80h1ORO5JjaOTY9mcZmLxGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4735922097654297000&adk=3661671305&idt=66&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6446f24a6beff2d543e5993037fa1adf7fdb49f3ad0d2dbe968466f90e1cad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39088
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 73A5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9a31c51aefdaa704fb11e7c510ea28abcc7205cac08e6ca5c6fed4644ca718b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 986B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
63841
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 05:44:20 GMT
expires
Sat, 16 Nov 2024 05:44:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0F4C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmRuOpgtp1k9C0CCSV4ZZj-LnMi_l25P-f7dpRU7CEm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmRuOpgtp1k9C0CCSV4ZZj-LnMi_l25P-f7dpRU7CEmjJdDemfWY9wbwUnbCIh_F_B9Mfkr2-ZHLRZ33-ZqsMj8T3c-rbw8bJwak132BhhGFPxPLncauAfpfNDkpyFw_77j9Y4vD-eV0p-sve_rInB0a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmRuOpgtp1k9C0CCSV4ZZj-LnMi_l25P-f7dpRU7CEmjJdDemfWY9wbwUnbCIh_F_B9Mfkr2-ZHLRZ33-ZqsMj8T3c-rbw8bJwak132BhhGFPxPLncauAfpfNDkpyFw_77j9Y4vD-eV0p-sve_rInB0a
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0F4C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGnHlKRRpC7LShq6n2wU4gI&google_cver=1&google_push=AXcoOmQjOZvTbo2MMbp8aJtorMQa6XXjd4uQCmeibqWRUJIOvST71Iku139klXT8NwaaiOWmtaCM_D04n-7N9I_fYOmwBGiWVWWLoI...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmQjOZvTbo2MMbp8aJtorMQa6XXjd4uQCmeibqWRUJIOvST71Iku139klXT8NwaaiOWmtaCM_D04n-7N9I_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmQjOZvTbo2MMbp8aJtorMQa6XXjd4uQCmeibqWRUJIOvST71Iku139klXT8NwaaiOWmtaCM_D04n-7N9I_fYOmwBGiWVWWLoI2L1tbfIAkR2UeL1I6hOhcLynuNlYPj6xTnxup185bXpmS762fpmZQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 23:28:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmQjOZvTbo2MMbp8aJtorMQa6XXjd4uQCmeibqWRUJIOvST71Iku139klXT8NwaaiOWmtaCM_D04n-7N9I_fYOmwBGiWVWWLoI2L1tbfIAkR2UeL1I6hOhcLynuNlYPj6xTnxup185bXpmS762fpmZQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Nov 2023 23:28:21 GMT
pixel
cm.g.doubleclick.net/ Frame 0F4C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJt4QpbQi1cou9jyE_L_KxM&google_cver=1&google_push=AXcoOmRvPc3YHImgBOrhEgF-CDYP1ZSuDjDf_ZTKIItqrrRIGBTRqa7iskDmvsFG0FbcwmalOoRcdxL51GsqeaEwint7h7vUP...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0F4C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K7v0U8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K7v0U8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K7v0U8ACpZXQOaU160_g6TnJseCgMB6X5rpI8bnpFZ7I0QHTr3IoESLZUQ96GSGOaRreQzhz5pVJDm8A5m
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTA2St3ipZP2u4KKbW3FueUGIlTpYr8ja4JguhszbsqdKBC-7xc5zVvqvEMQ9mgW3r6x5K7v0U8ACpZXQOaU160_g6TnJseCgMB6X5rpI8bnpFZ7I0QHTr3IoESLZUQ96GSGOaRreQzhz5pVJDm8A5m
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0F4C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_cver=1&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7wOYXacj70USKg9aYfBlv2BU98s4LyRQ8pKqckxIjsM1jVb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7wOYXacj70USKg9aYfBlv2BU98s4LyRQ8pKqckxIjsM1jVbgKv0tVYKQkwhN3E2aPwnOLL3v&google_hm=WWxFWUlhZ3RBNEVzN2tScC14QjI=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRt9mSDMi1SBmGgpxCN0grX4cc_V51S0MQBxIGwQ0a3la2HpKWbSzWMuVTsBoD-aLcLG2W8360c57Tp7wOYXacj70USKg9aYfBlv2BU98s4LyRQ8pKqckxIjsM1jVbgKv0tVYKQkwhN3E2aPwnOLL3v&google_hm=WWxFWUlhZ3RBNEVzN2tScC14QjI=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
292
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0F4C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM740JeQKVDqmg2I1AmrMy0&google_cver=1&google_push=AXcoOmQnlirDdu2IBYuy7FF_CAal8oEhcLfXMcekUutNnD4r2pJftoTkBH5bTyWd0abC0kweD72gLi...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQnlirDdu2IBYuy7FF_CAal8oEhcLfXMcekUutNnD4r2pJftoTkBH5bTyWd0abC0kweD72gLiQiO7vcZJy8W81Gq7j99w4GRn7LXvOhyERHcmsTWysAJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQnlirDdu2IBYuy7FF_CAal8oEhcLfXMcekUutNnD4r2pJftoTkBH5bTyWd0abC0kweD72gLiQiO7vcZJy8W81Gq7j99w4GRn7LXvOhyERHcmsTWysAJw7utd96nAs4FOrDc9fhOkzReGoRCOtWy10T&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQnlirDdu2IBYuy7FF_CAal8oEhcLfXMcekUutNnD4r2pJftoTkBH5bTyWd0abC0kweD72gLiQiO7vcZJy8W81Gq7j99w4GRn7LXvOhyERHcmsTWysAJw7utd96nAs4FOrDc9fhOkzReGoRCOtWy10T&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
date
Fri, 17 Nov 2023 23:28:21 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 0F4C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ib_-_MY8xzI842jtpysMowB4qH2aokMhsZd9rObwpJW7Xd9YZ_dBZJjUo6L9EhXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame 2344 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp393w91&c=4811963659438&slotId=2405981829719&ghmsh_eids=44752996%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44804616&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
request.php
hal900026.redintelligence.net/ Frame AA7E
Redirect Chain
  • https://hal900026.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=84a024f24a&subid=&uid=c7a972e3b0e02511&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900026.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=84a024f24a&subid=&uid=c7a972e3b0e02511&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=84a024f24a&subid=&uid=c7a972e3b0e02511&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6pZEFPdXZa_XIsqwjuwPh4KTwAuRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAgB3GZzURLI-qAMByAObBKoElQJP0MuAmbni0qRdAl2GQ15mfJqI8jBT1EXLmBaN8QGTUSyxI2DIL1LWDQlRV3ErfFUQN2xZhcZcYjfHpd02WbYpYVcgxVa_h3w9SzfyL5M-jaer2oq7oE4trf7asYFUPk2cylZiVItmQl-50fmEMzQCfc_KeY6ZkT0MYqDWMVjGDLnhUTl_UskokwgmgjiVCGJiya8Y7YsC7x_tznb6L_IMT7liQArEj7nLjzgQAodvL-ez8eSZ6BOubOUQryLo4rG2VX5RxTxrCxgoYilh5v9iF5TfVwPvQ8HJADU9BGw2hW3HmjOxpzL-yoqZHv3xYcMeQ2i2fjdoUdGMsigM7326qt8ogxzdcIgMoah1TwNF_nBjkP_2wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjSmpXvl8yCAxVKmIMHHQfBBLiwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE%26sig%3DAOD64_3xDkeHHdnKrkP34zL7BjtLu2G2pw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CdRn7msXOEYnftea3QbCUVnoG3r-rQc2EDLIbEfzrNWh9FW93SCO7y_M-9TZQoXl6kiyPsHiHLGx_0wTXvLuNxNmZV3ckUXPRwffhLq49Qw9sRXxzSgu1t_WbKYlENTu5AlpldCPsZf--1L7-7XHqj3E_DtXCB_i03u_8EIYlvip9f7gI%26cry%3D1%26dbm_d%3DAKAmf-B8_CuodcRBauxTE69TYKyNvCJmF4Eq6_zinXqVVdmO9XEpu2KCO9bgga3KZmrhlNus8j0iwaOy88htQ6F1H0ERMIbaW46ZqaCn61mI6SmDiTFCiYfiwA9Sls60SL-MTAsDtw4CP9ymZbhcKNakahRHgr8a9E0wgzby-qS5fif0lyHWBS61bWogaN6XXCKm3tz2HHSulzU1Ltcxzb3NJyDfI-nByTKDBBCgkxklffCK1TiSg2zoSeaKmcQL9LzCK2ck5lz8wZJXwXpqunIN8CYWCK_w8cBuJsKt4MpYYQE44VEsG6NN6xuX2nghb3WV1UfUcEJZLaE7AUE35o06PvT7PZl_PfRgVQrqqAcsDtdjvNDdNT3r-Kw4BkERKzatsVuLN83hdOmTp6KeIRRVoiTo3rYg2PTxZjCeJVpWwmF42oH0grM32tvnuTSxeaJTcxsvz4XKPnusBocjPDd9Pq5ZqXtVoCmVegdflj4nhoRPSbRYZrZMqfX59OfejAEVW-5Wcir3LoWHsK8SqlZOEPrTq0dyhhiUTkKCMUSv200XjH5KV9PJ9qYQlgdo9X3emWShRzuBjnQ5Zo8pRFy64nCbLs9mL0ZYMOcrowfvFRCfKr1ckfbytQxiMQpdKfOJWBHa_rdB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7219934115838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2d4a4c81de094642a2a1d2ce6faee4b6aadd0e063b252cdba0e78ba55ea79622

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
21765500001811404438446012512026
Connection
close
Content-Length
330
Expires
Fri, 17 Nov 2023 23:28:22 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:21 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=84a024f24a&subid=&uid=c7a972e3b0e02511&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6pZEFPdXZa_XIsqwjuwPh4KTwAuRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAgB3GZzURLI-qAMByAObBKoElQJP0MuAmbni0qRdAl2GQ15mfJqI8jBT1EXLmBaN8QGTUSyxI2DIL1LWDQlRV3ErfFUQN2xZhcZcYjfHpd02WbYpYVcgxVa_h3w9SzfyL5M-jaer2oq7oE4trf7asYFUPk2cylZiVItmQl-50fmEMzQCfc_KeY6ZkT0MYqDWMVjGDLnhUTl_UskokwgmgjiVCGJiya8Y7YsC7x_tznb6L_IMT7liQArEj7nLjzgQAodvL-ez8eSZ6BOubOUQryLo4rG2VX5RxTxrCxgoYilh5v9iF5TfVwPvQ8HJADU9BGw2hW3HmjOxpzL-yoqZHv3xYcMeQ2i2fjdoUdGMsigM7326qt8ogxzdcIgMoah1TwNF_nBjkP_2wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjSmpXvl8yCAxVKmIMHHQfBBLiwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE%26sig%3DAOD64_3xDkeHHdnKrkP34zL7BjtLu2G2pw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CdRn7msXOEYnftea3QbCUVnoG3r-rQc2EDLIbEfzrNWh9FW93SCO7y_M-9TZQoXl6kiyPsHiHLGx_0wTXvLuNxNmZV3ckUXPRwffhLq49Qw9sRXxzSgu1t_WbKYlENTu5AlpldCPsZf--1L7-7XHqj3E_DtXCB_i03u_8EIYlvip9f7gI%26cry%3D1%26dbm_d%3DAKAmf-B8_CuodcRBauxTE69TYKyNvCJmF4Eq6_zinXqVVdmO9XEpu2KCO9bgga3KZmrhlNus8j0iwaOy88htQ6F1H0ERMIbaW46ZqaCn61mI6SmDiTFCiYfiwA9Sls60SL-MTAsDtw4CP9ymZbhcKNakahRHgr8a9E0wgzby-qS5fif0lyHWBS61bWogaN6XXCKm3tz2HHSulzU1Ltcxzb3NJyDfI-nByTKDBBCgkxklffCK1TiSg2zoSeaKmcQL9LzCK2ck5lz8wZJXwXpqunIN8CYWCK_w8cBuJsKt4MpYYQE44VEsG6NN6xuX2nghb3WV1UfUcEJZLaE7AUE35o06PvT7PZl_PfRgVQrqqAcsDtdjvNDdNT3r-Kw4BkERKzatsVuLN83hdOmTp6KeIRRVoiTo3rYg2PTxZjCeJVpWwmF42oH0grM32tvnuTSxeaJTcxsvz4XKPnusBocjPDd9Pq5ZqXtVoCmVegdflj4nhoRPSbRYZrZMqfX59OfejAEVW-5Wcir3LoWHsK8SqlZOEPrTq0dyhhiUTkKCMUSv200XjH5KV9PJ9qYQlgdo9X3emWShRzuBjnQ5Zo8pRFy64nCbLs9mL0ZYMOcrowfvFRCfKr1ckfbytQxiMQpdKfOJWBHa_rdB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7219934115838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 17 Nov 2023 23:28:21 +0100
sodar
pagead2.googlesyndication.com/getconfig/ Frame AC3D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00d49d1a214f5043a727abc1e12c4bf62c485a2db2eadec6e43310cd8d483523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12499
x-xss-protection
0
im-uid.js
dmp.im-apps.net/sdk/ Frame EC89 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Fri, 17 Nov 2023 23:28:21 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
expires
Sat, 18 Nov 2023 02:28:21 GMT
csi
csi.gstatic.com/ Frame 2344 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp393wqe&c=4811963659438&slotId=2405981829719&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 3273 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700263700&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700263699852&bpp=373&bdt=957&idt=674&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&correlator=4811963659438&frm=23&ife=1&pv=2&ga_vid=1983550272.1700263699&ga_sid=1700263701&ga_hid=1445068936&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=4601&biw=1600&bih=1200&isw=336&ish=280&ifk=4111683719&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809055%2C31079654&oid=2&pvsid=223067076498789&tmod=1819883492&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.d74at48l467t&btvi=1&fsb=1&dtd=866
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 03:55:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
415970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 03:55:31 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:21 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F8BC 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Origin
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame F8BC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ0dopTW99RVXMkwGyPRforKeqonl14px6BUuJcPK6ekP52coiAfPWsG9679pYnsS1SH3H-yrMKb_N0f5vnsEXB-dJxWNMX-nV4wQjYcOTSAoAm_z2P9GYHJPFKYfSv2B1KISoV11CDIsvqp1D0-Y3UqNRRK-cYOMK3haGidZfmGuJyvw&dbm_d=AKAmf-BV_DTI5uh_xLH2-5ks_tnYCpdkHE2YKGv2gSD8mLdQt2_awENI5mOlDvJtAmzn_wsMb7t4Mb38fxPGyCo2aItHWAoVVBZiJqLyoSNsdI5GbcPCS2tJUEedy8Hxkqm0kVwwy9ZzDsxVdS8lzkIyFAkO3beJq_2PVusy5xOY5ucp6p6_nDOt4RH1oZfTstzj4LYCSar9hljxMdtuyt5BDUuF4-97gyk7jweKj7-EfvNVGDtUirYWQ2lodIet87nnGTZbPZO-RGB-pPQUl__u-qswYYx_rx75u-CYSpKwUJAP3_2GsJwCitRZV4pQDMHMbQWetHBvxM3RtBofhSp5HNYxlk9sOBmWyE3JUfxSE9u9la90S2W5Z83ujD-nguZF1aftBD08bV9xXFymhtQxT27oGOujsxIrcjdD7S4-eVrfcOVq7NdaxB0mgMlXVjrMXjJTVTaZ8rwV9K3BiEdkTQs6GtL9dbXZSJnjMUmjBWpiSJXys7YWC_Kw2AZ6jxUWPSh2EtKmpPECjoqsRA0cSEf0hHAagLZseY6mRDHXCQZgTs_xqocngGizjKOuA0ziO0T4fhM1Ox0K0k3d2fncPGni-iW-tSPkxxMIDEnw_0lO7SRa195UFm5eTIWlBwaIucD8iblMa-KXPlWN0aqrNyXkeWis89SJ3B2EE3fHLkbiZgcvl-5HwrQWg6EAOyeA6tPwGhEfTtZBw-S-U-QhenRCZyrIER2exc7yjYYiH66k-2ehBNp9J360CeLOBzsFLZVAhVoXER51760CyB7VmzZdIa-fUtqS9hdatvur-BKT0nP39_oCkTiFthBsz7tIQ4UhfFI28UBg6rPjKezs6-9up_4Qv0vrerbKYMLrLPYrjqDk8MmaXYOzgimrmRZ3TeevMxxpy_uOEjp4pIVazWIC-4rBfJIshIzbEI7rWfDzUC5jCD4lYSTm-VQesRK9cCYMnyzexm3d3gRFSR_bWYYHUrBCUGYAL9N1eSsbpyKkPBTg90RGjGzIZlgTfw6f3dguEIY3KkTcUo8Z0p6kqGhWez_w4dLSplvhTmNgVoyhfYBVwXS6mFvhXz-bbOem5aJVR86V7KX7OM9UrFNGi34gEpfSUOkFuAl9PhJIIDLb1cSzsUH-tMphC5TDcBjTeT20M-J91Ekekv6_EN9-8RkdgzA2W7jrqVYiyBmwa3e718puzYjK6iTUAk0UEIyOmB9Kg1qy5Zp7BFnmbBaXv46kZ47ZPBYJkCdMsU6kBScU61ACvFFCTu0hxyzZJRpqkGtaB-u9K_PsX20IE8D9pUhYdtrWfy6__ag4vr1UhEP7fhIStB1dNmJAyrSc8BVw-qOQ0JLzj-rfwAP7tH4hU3wMK2f8ARMHEKQHg4FJLn4cCYNMvY0sscKSGoemrAgiWCKU6uFsweRO2Y-vdmUrwQENaNFD6CQPDE8fe0wH27jo9zZpDb8y0GQX-4ptfEEpDGJDjfy4o337bpwUVvoAE7f_PXjDR0h1qEQHdEJBaa9zC_0GzErnH4B9R_nMF-FtMnxFwUVVQvn0FoK0yRpuo06nMLKYIoA5JMGx828qzbOQU3OIy7gg7o-tTKjvskbJ6S8xc5GbpIQEb3WC-oWBr3LC5OyRLQW5P9QiVh67rE4Ukt9fKhFSYgPuV6ZRzxPQtd4KxAiYXOvUHfArAlxGOwCcC_fZ1BJyO9zZPSq_8GlXe8z96Yc07rhoFgc0u5mO0VUK7tSYJ6J7rkmk1ea665kSJIyIr7tkpFouMiRHAsBiS2Hs1G1AzGULKtQkKJqlBv2mOJosa4h6exIkhxPx67g6ldblTargaBlFGA0hc823McIYYax9whBdFyJVUDJosnQMAI6jJ3CP1xw4VjcdV4I3LExkhmdzA6UOX6LXPcmpcAOjniHUIl_PFFCJbprdMQ4ANtTjUXHEoND7Muqu9hhaosWApyH6MfT5Zt0Fik5PjsSdz95L9bCYHrlgONHZbNMgTQEN7q_kfxPKrl4-042H_-aTF311KQ5RxYrWbz3Gd344beXWtMzOo6HIvssUNiXJ6mZcdoVjtC8sm0kox5aP2TUHexthcIYFlswyZZCtYk4SGBqFF7ZkH9_NoOg60w0CcNfC-jA2UKXVfhf3flqE9G1zIWpua4qrtr00ejWVAmV-uzWpqX-QUmxu-uM6DBcRUa96UBmmqiBvNAo1_TVGo82WvuITGZtMGbnKDEeZ655CZp_t1ICkbVLW4wix2OEI6zqENhXbCN7d4miMkA6nTR69tovqvfda4lPO6QwSyKkheC7ag6LedJaEBM2ti0JVPSCRkNvzGRMWZtMGUac5k-hbtSjdcF4ggM2bcGYMlw1MfoUXzhPJG9YvJeglAktJ5TqNy6fxFv99Me-9pOUBeRI6nu9LKP1C3a21Yay7Ft0NdTZPPko-Pq4h4I4Tp2mcRmkcden0pD8CT3-yD_tc8gN4yBU9-nogBojCa3oPCMLi7F5K75dJhvCkDlnL2mn-EdKR6zXZqkMKbBKlimTwVkAtZ9vxI-VqGToBDb14fgZ3ZIW54PI1FOFXMAiG9wd3Cy2ByxCz5joW3S4c1OEH8Qmzp8r8Z95HVcyYd9FzHrx-QRboLeob1T_ULitNOeTuZAZOY0ErKx54q2Ss6A5O75npwl43UwCkUsCfHW1Pd7IUPljrb3zEXSmN5QO8DGzkLSrxgZ2nZmiXzck5tjvrv-8Lkk4BKPQJ37xRWKZCs9qt8kQE_zJz-C_z5nd0OBc7DWeZBlPg8tftQjmsZokRSWgwgnMXmvCsI-GwFQymQ-zXbHz7BkW2aTw0yV9Myx-e4kw1tmTxSXGJLobuVFzR0HEvVOdpAfouuep67FPBNPmi7RNH01ybw1Ac1GbyB-cPoauDC3zaNmRJdj4346B7i0oPnbIVc9dXnbQ6JAQiltrzzTr6zmMEElsBMIu_aGdIbaeb3KrlhwAr6YBIDJiUO799W9wB7-8gsrH2Nm3qd_r8OAFzHFdgbzbhVs4TeGAc2TE7B2Ooj9lQTc9DqyapJe4pfvrzSyV-e-TqhSlxIWqM_jlbhRgJ6-b57N-daSHB9kQkD6j66bkUXbqTNw1iXNvYzxLDW0-Of_44ixfa-2mUmDOwiYUUAr2pouzzowzU36VUta7h8oKyQlHwrVYCX8RHA_QQ5AfdHo30Lr6YAdXIlBiRy53qStrcpsbIfQjXKgRIRZXwjVmTPflkaGAmisCMn-APe5YZDMEPu5SthEt_cEf-V7LRpmvd-T3amGixK9YsIAwUA7IYIaEaGHX2YUHZOPGh8pV1jbIorRj3thZdkv_VKThtmMTIg5eRRDQAx97t-lZxmM4SUHzr9H6iql497uKg45i6ZIEV1NIzH4_4gYglDoX7CoMOnUE8FGxTZz36VlE253ClOghqK_8eU4Zs0qF5J_vX1jiQl_OgGVFZO789bs9aeUr8v1HxqQGr8bBqwRuyGDOSmGp0d5jc4bh4wEIuBsBT2_oaaKNDnChrY-82Y02GGQXJDZyBe4Q6_RJMmqhBY-N0-Vy4Vf8auUNH82WJ5t8jxlZNVvqZstRD3JGaYnz3nKbfGxoq2wUZ4Dk5wEN0nsV2d9ZfZnbT0-UDyHxy8Sz0OsQRKgkwcomI3eXJFe6yGKTGBA5hSLMd7KgNP-xgXdHxLucMx4n306n-iZ5nNBLLg4HZERxiWlOzLxXEogFtalE6Vo2n5RD6SOqL9-EBEc7dj4UrRaprnfBpWQfOEb2kNOXMM0CmV2HbyeXfj4Imrj5qUHwbbFORNo5ixOLC83KWHJD_aO88SEcCUDgin-a5YUz4UrKGZkqrq0xKbGoUggA5wm9PLJFnoqHh4UsADKwu9CgeXEWpD5TvHQv1dMMGNR86CCcNFQ4EA_XwpVp6Qhg4E58ZGX-cN1ezf_4EZxiBOygkRzES_Hw3n4Mr0VfwKpIAnGrea9NH_yYCejWjZs6DZQQsw_irMkFe2Qkr3gpdF0tp4UYPWcUS42RGt7U4ARmPjadiMWwFi6LSw9hfzq5nrOHuCiUmv5v2rKw2BaUiCP6vKLNAG52GOgo8M722xn_yOkOEZW7RhFM&cid=CAQSOwDICaaNenLNWjULoOSx9ZfWg57BNHcFaVU6RfXQUVw_cEdSNFn428AXA_X80h1ORO5JjaOTY9mcZmLxGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4735922097654297000&adk=3661671305&idt=66&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
75200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 02:35:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F8BC 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ0dopTW99RVXMkwGyPRforKeqonl14px6BUuJcPK6ekP52coiAfPWsG9679pYnsS1SH3H-yrMKb_N0f5vnsEXB-dJxWNMX-nV4wQjYcOTSAoAm_z2P9GYHJPFKYfSv2B1KISoV11CDIsvqp1D0-Y3UqNRRK-cYOMK3haGidZfmGuJyvw&dbm_d=AKAmf-BV_DTI5uh_xLH2-5ks_tnYCpdkHE2YKGv2gSD8mLdQt2_awENI5mOlDvJtAmzn_wsMb7t4Mb38fxPGyCo2aItHWAoVVBZiJqLyoSNsdI5GbcPCS2tJUEedy8Hxkqm0kVwwy9ZzDsxVdS8lzkIyFAkO3beJq_2PVusy5xOY5ucp6p6_nDOt4RH1oZfTstzj4LYCSar9hljxMdtuyt5BDUuF4-97gyk7jweKj7-EfvNVGDtUirYWQ2lodIet87nnGTZbPZO-RGB-pPQUl__u-qswYYx_rx75u-CYSpKwUJAP3_2GsJwCitRZV4pQDMHMbQWetHBvxM3RtBofhSp5HNYxlk9sOBmWyE3JUfxSE9u9la90S2W5Z83ujD-nguZF1aftBD08bV9xXFymhtQxT27oGOujsxIrcjdD7S4-eVrfcOVq7NdaxB0mgMlXVjrMXjJTVTaZ8rwV9K3BiEdkTQs6GtL9dbXZSJnjMUmjBWpiSJXys7YWC_Kw2AZ6jxUWPSh2EtKmpPECjoqsRA0cSEf0hHAagLZseY6mRDHXCQZgTs_xqocngGizjKOuA0ziO0T4fhM1Ox0K0k3d2fncPGni-iW-tSPkxxMIDEnw_0lO7SRa195UFm5eTIWlBwaIucD8iblMa-KXPlWN0aqrNyXkeWis89SJ3B2EE3fHLkbiZgcvl-5HwrQWg6EAOyeA6tPwGhEfTtZBw-S-U-QhenRCZyrIER2exc7yjYYiH66k-2ehBNp9J360CeLOBzsFLZVAhVoXER51760CyB7VmzZdIa-fUtqS9hdatvur-BKT0nP39_oCkTiFthBsz7tIQ4UhfFI28UBg6rPjKezs6-9up_4Qv0vrerbKYMLrLPYrjqDk8MmaXYOzgimrmRZ3TeevMxxpy_uOEjp4pIVazWIC-4rBfJIshIzbEI7rWfDzUC5jCD4lYSTm-VQesRK9cCYMnyzexm3d3gRFSR_bWYYHUrBCUGYAL9N1eSsbpyKkPBTg90RGjGzIZlgTfw6f3dguEIY3KkTcUo8Z0p6kqGhWez_w4dLSplvhTmNgVoyhfYBVwXS6mFvhXz-bbOem5aJVR86V7KX7OM9UrFNGi34gEpfSUOkFuAl9PhJIIDLb1cSzsUH-tMphC5TDcBjTeT20M-J91Ekekv6_EN9-8RkdgzA2W7jrqVYiyBmwa3e718puzYjK6iTUAk0UEIyOmB9Kg1qy5Zp7BFnmbBaXv46kZ47ZPBYJkCdMsU6kBScU61ACvFFCTu0hxyzZJRpqkGtaB-u9K_PsX20IE8D9pUhYdtrWfy6__ag4vr1UhEP7fhIStB1dNmJAyrSc8BVw-qOQ0JLzj-rfwAP7tH4hU3wMK2f8ARMHEKQHg4FJLn4cCYNMvY0sscKSGoemrAgiWCKU6uFsweRO2Y-vdmUrwQENaNFD6CQPDE8fe0wH27jo9zZpDb8y0GQX-4ptfEEpDGJDjfy4o337bpwUVvoAE7f_PXjDR0h1qEQHdEJBaa9zC_0GzErnH4B9R_nMF-FtMnxFwUVVQvn0FoK0yRpuo06nMLKYIoA5JMGx828qzbOQU3OIy7gg7o-tTKjvskbJ6S8xc5GbpIQEb3WC-oWBr3LC5OyRLQW5P9QiVh67rE4Ukt9fKhFSYgPuV6ZRzxPQtd4KxAiYXOvUHfArAlxGOwCcC_fZ1BJyO9zZPSq_8GlXe8z96Yc07rhoFgc0u5mO0VUK7tSYJ6J7rkmk1ea665kSJIyIr7tkpFouMiRHAsBiS2Hs1G1AzGULKtQkKJqlBv2mOJosa4h6exIkhxPx67g6ldblTargaBlFGA0hc823McIYYax9whBdFyJVUDJosnQMAI6jJ3CP1xw4VjcdV4I3LExkhmdzA6UOX6LXPcmpcAOjniHUIl_PFFCJbprdMQ4ANtTjUXHEoND7Muqu9hhaosWApyH6MfT5Zt0Fik5PjsSdz95L9bCYHrlgONHZbNMgTQEN7q_kfxPKrl4-042H_-aTF311KQ5RxYrWbz3Gd344beXWtMzOo6HIvssUNiXJ6mZcdoVjtC8sm0kox5aP2TUHexthcIYFlswyZZCtYk4SGBqFF7ZkH9_NoOg60w0CcNfC-jA2UKXVfhf3flqE9G1zIWpua4qrtr00ejWVAmV-uzWpqX-QUmxu-uM6DBcRUa96UBmmqiBvNAo1_TVGo82WvuITGZtMGbnKDEeZ655CZp_t1ICkbVLW4wix2OEI6zqENhXbCN7d4miMkA6nTR69tovqvfda4lPO6QwSyKkheC7ag6LedJaEBM2ti0JVPSCRkNvzGRMWZtMGUac5k-hbtSjdcF4ggM2bcGYMlw1MfoUXzhPJG9YvJeglAktJ5TqNy6fxFv99Me-9pOUBeRI6nu9LKP1C3a21Yay7Ft0NdTZPPko-Pq4h4I4Tp2mcRmkcden0pD8CT3-yD_tc8gN4yBU9-nogBojCa3oPCMLi7F5K75dJhvCkDlnL2mn-EdKR6zXZqkMKbBKlimTwVkAtZ9vxI-VqGToBDb14fgZ3ZIW54PI1FOFXMAiG9wd3Cy2ByxCz5joW3S4c1OEH8Qmzp8r8Z95HVcyYd9FzHrx-QRboLeob1T_ULitNOeTuZAZOY0ErKx54q2Ss6A5O75npwl43UwCkUsCfHW1Pd7IUPljrb3zEXSmN5QO8DGzkLSrxgZ2nZmiXzck5tjvrv-8Lkk4BKPQJ37xRWKZCs9qt8kQE_zJz-C_z5nd0OBc7DWeZBlPg8tftQjmsZokRSWgwgnMXmvCsI-GwFQymQ-zXbHz7BkW2aTw0yV9Myx-e4kw1tmTxSXGJLobuVFzR0HEvVOdpAfouuep67FPBNPmi7RNH01ybw1Ac1GbyB-cPoauDC3zaNmRJdj4346B7i0oPnbIVc9dXnbQ6JAQiltrzzTr6zmMEElsBMIu_aGdIbaeb3KrlhwAr6YBIDJiUO799W9wB7-8gsrH2Nm3qd_r8OAFzHFdgbzbhVs4TeGAc2TE7B2Ooj9lQTc9DqyapJe4pfvrzSyV-e-TqhSlxIWqM_jlbhRgJ6-b57N-daSHB9kQkD6j66bkUXbqTNw1iXNvYzxLDW0-Of_44ixfa-2mUmDOwiYUUAr2pouzzowzU36VUta7h8oKyQlHwrVYCX8RHA_QQ5AfdHo30Lr6YAdXIlBiRy53qStrcpsbIfQjXKgRIRZXwjVmTPflkaGAmisCMn-APe5YZDMEPu5SthEt_cEf-V7LRpmvd-T3amGixK9YsIAwUA7IYIaEaGHX2YUHZOPGh8pV1jbIorRj3thZdkv_VKThtmMTIg5eRRDQAx97t-lZxmM4SUHzr9H6iql497uKg45i6ZIEV1NIzH4_4gYglDoX7CoMOnUE8FGxTZz36VlE253ClOghqK_8eU4Zs0qF5J_vX1jiQl_OgGVFZO789bs9aeUr8v1HxqQGr8bBqwRuyGDOSmGp0d5jc4bh4wEIuBsBT2_oaaKNDnChrY-82Y02GGQXJDZyBe4Q6_RJMmqhBY-N0-Vy4Vf8auUNH82WJ5t8jxlZNVvqZstRD3JGaYnz3nKbfGxoq2wUZ4Dk5wEN0nsV2d9ZfZnbT0-UDyHxy8Sz0OsQRKgkwcomI3eXJFe6yGKTGBA5hSLMd7KgNP-xgXdHxLucMx4n306n-iZ5nNBLLg4HZERxiWlOzLxXEogFtalE6Vo2n5RD6SOqL9-EBEc7dj4UrRaprnfBpWQfOEb2kNOXMM0CmV2HbyeXfj4Imrj5qUHwbbFORNo5ixOLC83KWHJD_aO88SEcCUDgin-a5YUz4UrKGZkqrq0xKbGoUggA5wm9PLJFnoqHh4UsADKwu9CgeXEWpD5TvHQv1dMMGNR86CCcNFQ4EA_XwpVp6Qhg4E58ZGX-cN1ezf_4EZxiBOygkRzES_Hw3n4Mr0VfwKpIAnGrea9NH_yYCejWjZs6DZQQsw_irMkFe2Qkr3gpdF0tp4UYPWcUS42RGt7U4ARmPjadiMWwFi6LSw9hfzq5nrOHuCiUmv5v2rKw2BaUiCP6vKLNAG52GOgo8M722xn_yOkOEZW7RhFM&cid=CAQSOwDICaaNenLNWjULoOSx9ZfWg57BNHcFaVU6RfXQUVw_cEdSNFn428AXA_X80h1ORO5JjaOTY9mcZmLxGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4735922097654297000&adk=3661671305&idt=66&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 04:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
67112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 04:49:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F8BC 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
19393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C283 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
50586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 09:25:15 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 09:25:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8BC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5d89a3a7cc4dd6c90d7f59cdfc0eada62720f9eae895feee3e675647eb6f7e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 986B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
50610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 09:24:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AC3D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 23:28:22 GMT
get
audiencedata.im-apps.net/imuid/ Frame EC89 		10 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HFFSTBG91G3Q4BEM73RZDKHT
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 23:28:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
csi
csi.gstatic.com/ Frame 2344 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp393wqz&c=4811963659438&slotId=2405981829719&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 77E2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
63842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 05:44:20 GMT
expires
Sat, 16 Nov 2024 05:44:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame C283
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmSEOtXvvpVbhCanyBeQy9Lp2o5vpXFAd7-fiGFu7Qs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmSEOtXvvpVbhCanyBeQy9Lp2o5vpXFAd7-fiGFu7QsLoBSl2vKJxJNabUsoQKHuSaEzZrisHJyInjfSb8eajDmMfXXjpd72
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmSEOtXvvpVbhCanyBeQy9Lp2o5vpXFAd7-fiGFu7QsLoBSl2vKJxJNabUsoQKHuSaEzZrisHJyInjfSb8eajDmMfXXjpd72
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C283
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGnHlKRRpC7LShq6n2wU4gI&google_cver=1&google_push=AXcoOmRvgH-CuJudmG-LOH2MK1atp20lAYVhKoWYblNAgc4rRtMS9EtCXZ25oDm-Ni7OHt5xgGkjm1z5OjgvI_1XMiyzJfinQ4c
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmRvgH-CuJudmG-LOH2MK1atp20lAYVhKoWYblNAgc4rRtMS9EtCXZ25oDm-Ni7OHt5xgGkjm1z5OjgvI_1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmRvgH-CuJudmG-LOH2MK1atp20lAYVhKoWYblNAgc4rRtMS9EtCXZ25oDm-Ni7OHt5xgGkjm1z5OjgvI_1XMiyzJfinQ4c
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmRvgH-CuJudmG-LOH2MK1atp20lAYVhKoWYblNAgc4rRtMS9EtCXZ25oDm-Ni7OHt5xgGkjm1z5OjgvI_1XMiyzJfinQ4c
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Nov 2023 23:28:22 GMT
pixel
cm.g.doubleclick.net/ Frame C283
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJt4QpbQi1cou9jyE_L_KxM&google_cver=1&google_push=AXcoOmSEbnUwqIg4xH5FN7f6kxEo-Td-VLDaksf0etMsG-JC9eLnpv29rkGSZmjugy0Fi2OHO9grTtZSxKIxYALwIRxAFIMscOpH
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame C283
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmTKI_-4fPY9iruroLWzNG2F7GsZMjP9OWiZ-W_0eumOQCelmRemwp2fHl8_7CtSXJKzlQUk2cE6...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTKI_-4fPY9iruroLWzNG2F7GsZMjP9OWiZ-W_0eumOQCelmRemwp2fHl8_7CtSXJKzlQUk2cE6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTKI_-4fPY9iruroLWzNG2F7GsZMjP9OWiZ-W_0eumOQCelmRemwp2fHl8_7CtSXJKzlQUk2cE6LbcZxiCwy8xthDYbgA
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmTKI_-4fPY9iruroLWzNG2F7GsZMjP9OWiZ-W_0eumOQCelmRemwp2fHl8_7CtSXJKzlQUk2cE6LbcZxiCwy8xthDYbgA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C283
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_cver=1&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66k-l6GTLh2BlCTta&google_hm=cGZ0ZHdjOVplbW1VNkl6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66k-l6GTLh2BlCTta&google_hm=cGZ0ZHdjOVplbW1VNkl6ZndSZHY=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT2eckvmMRlWl2CfTCizcrbZeJnnAVGrvq-UXK9xXfvWkCO03QLTX5t80R7Imr7Mvyyg_M8hsaREhA66k-l6GTLh2BlCTta&google_hm=cGZ0ZHdjOVplbW1VNkl6ZndSZHY=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C283
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM740JeQKVDqmg2I1AmrMy0&google_cver=1&google_push=AXcoOmSb4EhF1PM2GpQIHjdTsiuKFAgk4R3UOIm4a48DIAbwrowzgtq_EvAbt8A-YvjISTj-QrF2sw...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSb4EhF1PM2GpQIHjdTsiuKFAgk4R3UOIm4a48DIAbwrowzgtq_EvAbt8A-YvjISTj-QrF2swuDhpo81POsmjGLDXeOdwxY&google_hm=MTY2MzMzNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSb4EhF1PM2GpQIHjdTsiuKFAgk4R3UOIm4a48DIAbwrowzgtq_EvAbt8A-YvjISTj-QrF2swuDhpo81POsmjGLDXeOdwxY&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSb4EhF1PM2GpQIHjdTsiuKFAgk4R3UOIm4a48DIAbwrowzgtq_EvAbt8A-YvjISTj-QrF2swuDhpo81POsmjGLDXeOdwxY&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
date
Fri, 17 Nov 2023 23:28:21 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame C283 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAcpfiGVZQVRlHWfxjsetLC1DleNGIFDCYalTCUFoOmk8TeUhkEBUn-3W0flTfow
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame F8BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR3tp9PdAaB30s-VXtIoaXJ_Reu5q5WSolgoQpmoicvUth-AChUv42mMDBN8aOaBnoNJd5eWkhd2V_UJ3nV8Zv5SwEZDgf1QmdnFbYgP2goAskYCRtmyit2_7QQmvIq_ouS2fEm6-M4dBGmCsEL-KYAHW11GywcFtg24PjudPC94V7SgyfK4aciHeSySgAF2HsqNGsrOdSFkbYWLvsLYKr2J8MRB6KSeWiNc9lgRfAGVgMfZM8GNAlqqVCFBzh7FEHh4zBeLIw7R_1PQ3VyDB1zzyt5GVLOaU8u60NxNPmESpXH2rpH-5Ln0QsVCUabATg9NBaKOrc0vFp7CPyV5qZ_MMBB6ffATEFTB3S7n52ULSPWLIet9o5IpZftBw_WvfNvM24UiFP8Rt3AQdRE-YvatJRcnXdxceBO8upxZQ1VefgcGbvosb7O2xJZDF1B3SRTQ1jDQ_LR7Do6OK8_xVUH77HMSSljYMjjVfC0TUlL_-1ZaurQv8SMggMYgJahmHbsCREJJJnSXqXuj9cAV_WOaP5nNnHumc5HBaf3D5WYpZjGSyyQZDhs-WglTLcQ1shfek2kOEGjpVGG5KPc6x6czf3VpexQIcTkNUywkcqnPM1m6wl9cN_TAGign2WlOjVlLMRoBbGv7SdbzZbitWiCe7B2rOdUeTriufNDwDu2VT1qEHOXvIEFCUy56tSxGNNq0n9UWpSNRaePZBJUjp4_3hQaXc95miewOVQm_YMeckPRA5s1_tM5uQHFXak6PnoOIu0_H2zTEpzDN8JbF8N4vRsYhEUA-5r3ydsTcufRH0sLA_ekntYaUkGNONS8QB55NrpmQan1R0E2U_3ZsqQvc3lKDd9yG-BgKvY5lYVagBueLFyFbPec5Z2RfT1YYp5Yc3T1Zl3EiYFLmTelc37jdNQe04hMLHhJxqQSmt771mS8tCrNQuPR6ZGj-tAcroIg1cLr5XSeYB9aUNMjHJv0jbDnn2nli1vJrgIisci6L6pKC-K6x6HAuDs6Y6B3BDNFCSUbSikX0eAF7MrZW-gUL99KvcZfhj6QBXd2O0uokqHCGouLKtIE04aQormDZExvr_obwQ_G1DzIUX_h-F1holYKYG0AQI0q2guvDKeHGYhppewJrGMXhMTREy540beZ0VsjzvcMeW-ZPw8QQK4yMo38b0kzZI71UM9jvWWl0q-wUOVeJ0pt_oSwY9IoGZsAwZMsuTt7nc9E203WaSLq54CndeYtxOnZMNQCwoO5QrWmbmgSo3S0_HQVRCT0Ru9WcgUuNS1sPd6OxF7XDWYNggwEHmDXrbQV5AAkTGNoj_3sxhBU2oufjjrJNkjyqWWsMmgVw1ves87-F2-SNLu2xLO0HVPYEYO8ox0JmUOGIfkrpoExP_BQ2xzMRfG3Hv4lZ24mZrswhTW_fmJfUHDN8kaReMrc18Afi5HpVrRvTFoo8eAZIrrYIc8M1qxB5zSMH1FjdwNgCjfGZepRWloSPNWlXBE-C0bjkCQtac3CuorKwwY4YL0X43UfoadDnLtL4ufvYD15wF5tPcMQRFDrf4YMsaMQt8MOfoEOw&sai=AMfl-YSg5pTwBhKlTpDCQTTIR2NyTx-o082AhKjmCBrt7ab2YI9I1pqYeD4l9t1AnOQ1TblS-orj_ER7hAgKshNpMOt3LNs0p1Xhpl-8QYZmfJAZvGrYsWZKrU-fd2XiqWodCN04VEUhYRW0zZ6DTH97p9JLBRLcpJc3kOcbXTc6MUmQzNI3jomllDnHO0pl06ZK5MCztgzQ1V7iemSywL9jwxnI-L_VPHq9NbWAILNRqD8_t7c2pj0OGqj9EUgzItmyWMNamHMqc-rvjC9IiPOoIGT1jsZs2tY&sig=Cg0ArKJSzFiGB8dNyGGlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cisv=r20231109.95024&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 23:28:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
13418204214378222500
s0.2mdn.net/simgad/ Frame F8BC 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13418204214378222500
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b585b5dfd5686ec81f8ce1e1b59feef59e251978b28fd3be530f019f7a91425f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:19:55 GMT
x-content-type-options
nosniff
age
507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11616
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 09:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 23:19:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 571C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 22:29:13 GMT
expires
Sat, 16 Nov 2024 22:29:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 472E 		829 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d99b79c54758d04b7c1dd4c83aadde00f29e71073b666814bc32dfa9a8efe38f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7BBwszvitYHdpg1yYmAyhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7BBwszvitYHdpg1yYmAyhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:22 GMT
expires
Fri, 17 Nov 2023 23:28:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 2344 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.221 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
request_content.php
hal900026.redintelligence.net/ Frame EA49 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=21765500001811404438446012512026&a=aa555b58
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=84a024f24a&subid=&uid=c7a972e3b0e02511&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6pZEFPdXZa_XIsqwjuwPh4KTwAuRwdCbadvvg5LcD_AuEAEguoTAM2D1lc6B4ATIAQmpAgB3GZzURLI-qAMByAObBKoElQJP0MuAmbni0qRdAl2GQ15mfJqI8jBT1EXLmBaN8QGTUSyxI2DIL1LWDQlRV3ErfFUQN2xZhcZcYjfHpd02WbYpYVcgxVa_h3w9SzfyL5M-jaer2oq7oE4trf7asYFUPk2cylZiVItmQl-50fmEMzQCfc_KeY6ZkT0MYqDWMVjGDLnhUTl_UskokwgmgjiVCGJiya8Y7YsC7x_tznb6L_IMT7liQArEj7nLjzgQAodvL-ez8eSZ6BOubOUQryLo4rG2VX5RxTxrCxgoYilh5v9iF5TfVwPvQ8HJADU9BGw2hW3HmjOxpzL-yoqZHv3xYcMeQ2i2fjdoUdGMsigM7326qt8ogxzdcIgMoah1TwNF_nBjkP_2wAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJDSOINEwjSmpXvl8yCAxVKmIMHHQfBBLiwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE%26sig%3DAOD64_3xDkeHHdnKrkP34zL7BjtLu2G2pw%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-CdRn7msXOEYnftea3QbCUVnoG3r-rQc2EDLIbEfzrNWh9FW93SCO7y_M-9TZQoXl6kiyPsHiHLGx_0wTXvLuNxNmZV3ckUXPRwffhLq49Qw9sRXxzSgu1t_WbKYlENTu5AlpldCPsZf--1L7-7XHqj3E_DtXCB_i03u_8EIYlvip9f7gI%26cry%3D1%26dbm_d%3DAKAmf-B8_CuodcRBauxTE69TYKyNvCJmF4Eq6_zinXqVVdmO9XEpu2KCO9bgga3KZmrhlNus8j0iwaOy88htQ6F1H0ERMIbaW46ZqaCn61mI6SmDiTFCiYfiwA9Sls60SL-MTAsDtw4CP9ymZbhcKNakahRHgr8a9E0wgzby-qS5fif0lyHWBS61bWogaN6XXCKm3tz2HHSulzU1Ltcxzb3NJyDfI-nByTKDBBCgkxklffCK1TiSg2zoSeaKmcQL9LzCK2ck5lz8wZJXwXpqunIN8CYWCK_w8cBuJsKt4MpYYQE44VEsG6NN6xuX2nghb3WV1UfUcEJZLaE7AUE35o06PvT7PZl_PfRgVQrqqAcsDtdjvNDdNT3r-Kw4BkERKzatsVuLN83hdOmTp6KeIRRVoiTo3rYg2PTxZjCeJVpWwmF42oH0grM32tvnuTSxeaJTcxsvz4XKPnusBocjPDd9Pq5ZqXtVoCmVegdflj4nhoRPSbRYZrZMqfX59OfejAEVW-5Wcir3LoWHsK8SqlZOEPrTq0dyhhiUTkKCMUSv200XjH5KV9PJ9qYQlgdo9X3emWShRzuBjnQ5Zo8pRFy64nCbLs9mL0ZYMOcrowfvFRCfKr1ckfbytQxiMQpdKfOJWBHa_rdB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=7219934115838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1772b73f6bf7998adb754d7ad4fa81fe16b4fa10b849d0ef7f3c8b6e5e700bec

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1412
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Nov 2023 23:28:22 GMT
Expires
Fri, 17 Nov 2023 23:28:22 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame EAF4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jA6G6A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame A479 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
246820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5615 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 23:55:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?fm=t&rt=xfp&lid=187&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44808026&id=ima_html5&c=2859973612055859&domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F8BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvR3tp9PdAaB30s-VXtIoaXJ_Reu5q5WSolgoQpmoicvUth-AChUv42mMDBN8aOaBnoNJd5eWkhd2V_UJ3nV8Zv5SwEZDgf1QmdnFbYgP2goAskYCRtmyit2_7QQmvIq_ouS2fEm6-M4dBGmCsEL-KYAHW11GywcFtg24PjudPC94V7SgyfK4aciHeSySgAF2HsqNGsrOdSFkbYWLvsLYKr2J8MRB6KSeWiNc9lgRfAGVgMfZM8GNAlqqVCFBzh7FEHh4zBeLIw7R_1PQ3VyDB1zzyt5GVLOaU8u60NxNPmESpXH2rpH-5Ln0QsVCUabATg9NBaKOrc0vFp7CPyV5qZ_MMBB6ffATEFTB3S7n52ULSPWLIet9o5IpZftBw_WvfNvM24UiFP8Rt3AQdRE-YvatJRcnXdxceBO8upxZQ1VefgcGbvosb7O2xJZDF1B3SRTQ1jDQ_LR7Do6OK8_xVUH77HMSSljYMjjVfC0TUlL_-1ZaurQv8SMggMYgJahmHbsCREJJJnSXqXuj9cAV_WOaP5nNnHumc5HBaf3D5WYpZjGSyyQZDhs-WglTLcQ1shfek2kOEGjpVGG5KPc6x6czf3VpexQIcTkNUywkcqnPM1m6wl9cN_TAGign2WlOjVlLMRoBbGv7SdbzZbitWiCe7B2rOdUeTriufNDwDu2VT1qEHOXvIEFCUy56tSxGNNq0n9UWpSNRaePZBJUjp4_3hQaXc95miewOVQm_YMeckPRA5s1_tM5uQHFXak6PnoOIu0_H2zTEpzDN8JbF8N4vRsYhEUA-5r3ydsTcufRH0sLA_ekntYaUkGNONS8QB55NrpmQan1R0E2U_3ZsqQvc3lKDd9yG-BgKvY5lYVagBueLFyFbPec5Z2RfT1YYp5Yc3T1Zl3EiYFLmTelc37jdNQe04hMLHhJxqQSmt771mS8tCrNQuPR6ZGj-tAcroIg1cLr5XSeYB9aUNMjHJv0jbDnn2nli1vJrgIisci6L6pKC-K6x6HAuDs6Y6B3BDNFCSUbSikX0eAF7MrZW-gUL99KvcZfhj6QBXd2O0uokqHCGouLKtIE04aQormDZExvr_obwQ_G1DzIUX_h-F1holYKYG0AQI0q2guvDKeHGYhppewJrGMXhMTREy540beZ0VsjzvcMeW-ZPw8QQK4yMo38b0kzZI71UM9jvWWl0q-wUOVeJ0pt_oSwY9IoGZsAwZMsuTt7nc9E203WaSLq54CndeYtxOnZMNQCwoO5QrWmbmgSo3S0_HQVRCT0Ru9WcgUuNS1sPd6OxF7XDWYNggwEHmDXrbQV5AAkTGNoj_3sxhBU2oufjjrJNkjyqWWsMmgVw1ves87-F2-SNLu2xLO0HVPYEYO8ox0JmUOGIfkrpoExP_BQ2xzMRfG3Hv4lZ24mZrswhTW_fmJfUHDN8kaReMrc18Afi5HpVrRvTFoo8eAZIrrYIc8M1qxB5zSMH1FjdwNgCjfGZepRWloSPNWlXBE-C0bjkCQtac3CuorKwwY4YL0X43UfoadDnLtL4ufvYD15wF5tPcMQRFDrf4YMsaMQt8MOfoEOw&sai=AMfl-YSg5pTwBhKlTpDCQTTIR2NyTx-o082AhKjmCBrt7ab2YI9I1pqYeD4l9t1AnOQ1TblS-orj_ER7hAgKshNpMOt3LNs0p1Xhpl-8QYZmfJAZvGrYsWZKrU-fd2XiqWodCN04VEUhYRW0zZ6DTH97p9JLBRLcpJc3kOcbXTc6MUmQzNI3jomllDnHO0pl06ZK5MCztgzQ1V7iemSywL9jwxnI-L_VPHq9NbWAILNRqD8_t7c2pj0OGqj9EUgzItmyWMNamHMqc-rvjC9IiPOoIGT1jsZs2tY&sig=Cg0ArKJSzFiGB8dNyGGlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=327&vt=11&dtpt=107&dett=3&cstd=322&cisv=r20231109.95024&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html
s0.2mdn.net/sadbundle/2424957407877660672/ Frame 9206 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16451b410da7e2e5795bc39384f40bb5da9c5049519689afeb4b936a4ec7f6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:19:55 GMT
expires
Sat, 16 Nov 2024 23:19:55 GMT
last-modified
Mon, 16 Oct 2023 09:15:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 327D 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
50587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 09:25:15 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 09:25:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AA7E 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99eee0a47216d1e462693a13f59bc8f75550b3542ef1dd19dad6979eae44facc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
480_650.mp4
cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/ 		72 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/B2F_unTG1wMPI6PDUqtOfw:1700267299/1327/video/1812/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-214.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Nov 2023 23:28:22 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:01 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd35-101b90c"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16890123/16890124
Connection
keep-alive
Content-Length
16890124
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 77E2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
50610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 09:24:52 GMT
S-300x75.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame EA49 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x75.gif
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=21765500001811404438446012512026&a=aa555b58
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.2.103 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3082036.ip-145-239-2.eu
Software
nginx /
Resource Hash
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:22 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:52 GMT
Server
nginx
ETag
"5b55f218-2f74"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
12148
viewability
hal900026.redintelligence.net/ Frame EA49 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=21765500001811404438446012512026&a=0b7afbc2&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=21765500001811404438446012512026&a=aa555b58
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=21765500001811404438446012512026&a=aa555b58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:22 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame EA49 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:28:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 472E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=223067076498789&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 327D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmTZLGJKi7YaQdXRx1saejLSkEchDcx24altKqH7NUb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmTZLGJKi7YaQdXRx1saejLSkEchDcx24altKqH7NUb-nxLYla8iZIomrrGA790b4KjnZYHlYzusT__z6PSi4dqPHO8EbnU
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UDRQNWU2SVoxUjQ4ZzU1&google_gid=CAESEHenlYn4jYXHtikWzTxgS40&google_cver=1&google_push=AXcoOmTZLGJKi7YaQdXRx1saejLSkEchDcx24altKqH7NUb-nxLYla8iZIomrrGA790b4KjnZYHlYzusT__z6PSi4dqPHO8EbnU
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 327D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGnHlKRRpC7LShq6n2wU4gI&google_cver=1&google_push=AXcoOmTTYsgse7HKi1TY30RSNU-wR3ewiXx-bliNDrPHsT-tuy59hgv5qQxVRxyRO1TbR_c2s2wFotJJ53llmxEXYX1sred9YRQo
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmTTYsgse7HKi1TY30RSNU-wR3ewiXx-bliNDrPHsT-tuy59hgv5qQxVRxyRO1TbR_c2s2wFotJJ53llmxE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmTTYsgse7HKi1TY30RSNU-wR3ewiXx-bliNDrPHsT-tuy59hgv5qQxVRxyRO1TbR_c2s2wFotJJ53llmxEXYX1sred9YRQo
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8137914E08E64EA796299417CD1DED1B&google_push=AXcoOmTTYsgse7HKi1TY30RSNU-wR3ewiXx-bliNDrPHsT-tuy59hgv5qQxVRxyRO1TbR_c2s2wFotJJ53llmxEXYX1sred9YRQo
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Nov 2023 23:28:22 GMT
pixel
cm.g.doubleclick.net/ Frame 327D
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJt4QpbQi1cou9jyE_L_KxM&google_cver=1&google_push=AXcoOmQUqynapSwQAPiZLvIb2uWRktfd8PDagW1koxRwDvVMyfdJGmHe-udyczjK9D5jY_zEXCiWVoLm5rMzASvfGfSUGzjQrW-n
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853567152842&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 327D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJy3a7e3CyWb-R4wpB5JP64&google_cver=1&google_push=AXcoOmQp5uDZC5UE1lpik9Z5YnoXRB3kDHkouZKq6r3EHuVaflCF6L5jE02ZVZu5IQKWpXxDzgpRnRJB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmQp5uDZC5UE1lpik9Z5YnoXRB3kDHkouZKq6r3EHuVaflCF6L5jE02ZVZu5IQKWpXxDzgpRnRJB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmQp5uDZC5UE1lpik9Z5YnoXRB3kDHkouZKq6r3EHuVaflCF6L5jE02ZVZu5IQKWpXxDzgpRnRJBLL6Y8TCvAFkw4Opn9dFl
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc4NTQwMzE2MTExNzE0MzY4&google_push=AXcoOmQp5uDZC5UE1lpik9Z5YnoXRB3kDHkouZKq6r3EHuVaflCF6L5jE02ZVZu5IQKWpXxDzgpRnRJBLL6Y8TCvAFkw4Opn9dFl
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 327D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdKdWUhedOaMRn-oXZmGQc&google_cver=1&google_push=AXcoOmR-cnpRw9YxZPgyRg5DUM7AiNBi0MzhG1qSI4BrkmMolKTKfdIPnBHEi2EXMdggwguGZL5VkkV5UsTcZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR-cnpRw9YxZPgyRg5DUM7AiNBi0MzhG1qSI4BrkmMolKTKfdIPnBHEi2EXMdggwguGZL5VkkV5UsTcZhATcCjwqGMASu7C&google_hm=WWxFWUlhZ3RBNEVzN2tS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR-cnpRw9YxZPgyRg5DUM7AiNBi0MzhG1qSI4BrkmMolKTKfdIPnBHEi2EXMdggwguGZL5VkkV5UsTcZhATcCjwqGMASu7C&google_hm=WWxFWUlhZ3RBNEVzN2tScC14QjI=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:22 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR-cnpRw9YxZPgyRg5DUM7AiNBi0MzhG1qSI4BrkmMolKTKfdIPnBHEi2EXMdggwguGZL5VkkV5UsTcZhATcCjwqGMASu7C&google_hm=WWxFWUlhZ3RBNEVzN2tScC14QjI=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 327D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM740JeQKVDqmg2I1AmrMy0&google_cver=1&google_push=AXcoOmR_m1nKnSSVsHpmjAnIr7scx309UYToj2VCfAvuhhVkN2X3MwiY8r-MPQBb1eb8_6C1lvDx97...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR_m1nKnSSVsHpmjAnIr7scx309UYToj2VCfAvuhhVkN2X3MwiY8r-MPQBb1eb8_6C1lvDx978ri4LHmVzi5aybuh8giAEr&google_hm=MTY2MzMzNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR_m1nKnSSVsHpmjAnIr7scx309UYToj2VCfAvuhhVkN2X3MwiY8r-MPQBb1eb8_6C1lvDx978ri4LHmVzi5aybuh8giAEr&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR_m1nKnSSVsHpmjAnIr7scx309UYToj2VCfAvuhhVkN2X3MwiY8r-MPQBb1eb8_6C1lvDx978ri4LHmVzi5aybuh8giAEr&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA%3D%3D
date
Fri, 17 Nov 2023 23:28:22 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 327D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KASmygW3TfERZMiDEyDbMXfQceAy1xi8TQnU3vICeoDuGk1GymoozAmGi3DJAbBA
Requested by
Host: e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
URL: https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 571C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
50610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 09:24:52 GMT
652cf45a843eb9eeda7667d0
c.bannerflow.net/a/ Frame 9206 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuGzXaAm5iiFfXf8KjMavMCCpaRa2OT_7rquPV1Ua9o-nN_7KUIbDIcwpNsGOWATgaG-zSW7-ReCKTO19hHZN13mLaSqWAvyt7Z0TLw3SklXL6x-imrdPfgaD6GUDotWZ2UXBffSHUp-8Mt5GHWV724Lq7G7t7cCDAVTdVfE7oBQyNrqVUpwbwhAmC8QmMBomUQ4TGo2wFl57LGaFDjDqCIlbx0nhR8LyjY_rwBUqzi0XWtrGFJG_m-TgJtXILYHvxKKzVD6CNQVjtYo-GYHVELu-jRQZgAv3G3so-9-9Mp35D1dZ2sYFTwQNJQgFcZ8XmcDh6kgW5Whh_hyjr2FErDiKaB4JcwG7RPMBDcDFfPpLKeYO1I_0DOPJF9sTqaeh5gBwDh_ukWgbNJIPnSz1s_oa10vKO_2hcMtZwcRp0GGUAbBrBtdycOrClK3RmF2J5PdA26Lfhm-Henu0_nedxXDXK83_EdIZP-iOm_EtNwiwJL9oDfoyTooIrWR0YS-Qd4-EUyPMUy9x2R1rPvxSDMKOFtF2jCAIC7iGOlv4fQwgwLoaG3SDk_yIB3B2XhL2PwspriHIj9aT3QhauqAC8jEzm5lH98vhN3rUAr_dyYHAyxWtDOxk4ubQlYHdSGozOu--64NrAaZ0T_te4ckuSzUE2k9K4YZsa0b7rFmB09vrIx7oGVx83gDqucAX3olAHwDkd1-qk5NyAyy3ALCdOrDrel9zHYXndeqIGuMdqR-WaqUWT4bB6_NGrI5M-2SYsXuH3_b8Ni12QgAUO492Farj7KQ3MrgB70fdbHrj309ETCN3iCQjRq5tEm1jWjeHUYvSNP4yESythBeIufyABookXpaKU4XI9HhrBTEtiFc30AL3u5jUVuXc6guC3NuBKPn8P8438Zbm1Tvfdo9McV3DmSG3tvbqXvV7lGTacqnLM7VYz5_F-nP9TnQf_KylOJyLVyhABkLX4O_ND3sH4fs27HBYbIUvHBB2khWkXaxK-HvtLTOfKjaMuG9bqs5So1lm1CGC35R9yAFRcs_tfYm1mRg0qCqw5y4DXF5gk73YK5iBuxmW7qiK4r0juk_EXqb70W8uAZZAUFNiV9qOlWnDDWY7-XWWrTnUK5KxdsPOCIDc8DwZBMTIwctzlPKuF9JdNHWS1_VV2pBhzZjh7YdntN2dxDWjE5n05EiqMZaHxgrRonUKgdhdjN85fBSEVEGB1IH3sF-yqt7iO_KXYNaVPrhnoBERnPjJrMPk7lJ6T4cFkq7jLDFn8WytrFwFARkpjv3M_oJWelKBL14sIerY-B46YoAWQseRV-ZhRKD6BeWRFw0TMvxstOWCmVLcU8lb_bJrQzHOb64wygyO2CDpJYDzdqcLWQRQf6YAxCLo9v0fWpTADskAu-2v5J56VCg49Uoij-T3oukl3B2TBcjaiYsl_oHKoDW7G2jyWWuF8BxXqDGgjV2QId01v3kk87Adk1cc_ieuX8S0MWPdXUD0EtFpmyFocdKl65Y6hFUCiqWCWCptKQwjqrM5v-f6YgRQClwbkwT_VVgq85q05EOw7JEEiGoaHqaB54%26sai%3DAMfl-YSedwVIxfrtceO_oHNgrG5liERJYJsljBLIUP1GAZh--vnfjMe00KYbdGJ68WWCr_gbP1EX9MMV9uPxq52CD0cPfcU-0Tu0RxeNaeDx9wR-4yuMAKu91S1OzdoSfJSWGQscjsIsW09dz34tJsV2Ba5JeTj6GY4DHO3OnAgSjORIgFCqixcJMGw8J1DIG6w_e5BkKMK-06eTqZ9MaogvwqcpwHKYkqiVjP3XcwJAlm6lfhlzhjdD2uCNhBz-fpEv5PGWx_OAZsiSEh057RQiuAL7L0JuKuPUPrOQCInGvw%26sig%3DCg0ArKJSzIrfnjZME8ViEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285989_531078041
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e690b007a72c30a72e0eb7618678874d0b3fce48c83af10e6f974d4e9e6a0754

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Nov 2023 23:28:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827bbfeddf7e9b77-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
ads
pubads.g.doubleclick.net/gampad/live/ Frame A479 		117 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2549678177343997&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FB2F_unTG1wMPI6PDUqtOfw%3A1700267299%2F1327%2Fvideo%2F1812%2F480_650.mp4&sid=057FADCF-9995-4CD7-A4DB-5F8C20B83B9E&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44808026&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=1700263702603&cookie=ID%3D67ba635910e4b7f5%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A&gpic=UID%3D00000ccb78c79d18%3AT%3D1700263698%3ART%3D1700263698%3AS%3DALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew&scor=97078930659110&ged=ve4_td5_tt2_pd5_la5000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
6a67d282c25c974e4f811f9f491a72a43f6f0dda804c07fb7d649168a58c49f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23533
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 986B 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXgGKFfdXZdHRHODZx_APsrC_8A0AAAAAOAHgBAI&bg=!IiGlIW7NAAZxrfrxUa07ADQBe5WfOHLOQSdQUA32SlIy2moUPnpRUJyw1L_f8WEcvKOwKjOEj0fUw_F_Rfds4Xv5EtwIAgAAAe9SAAAAAmgBB5kC_C2kmqJrwPr-Q6aB_pg-4hKKR0r3k-reUuEuuG6lhGxjksY-yITJWGAcnyNMAVo1oI7S7uP5cy1lTVPgi-NZ19SikammzpvPTrG9qFwV4fvwqs2n-vcUxYMbsuEbbfACqWja4YjVIL-APVfGcsUE1JRatsYQh8rTSbKeIrVphHyq7bbSOU98cPh3mVj2nSliLbKbGkkRoQoMcKsx-7xzlaZT89cvoh5-gsbAOMgUahH2R6jcOjmfLbOH_mpWA3aHthJiGhbvEeHjuy_pkxgYyfjJVbyRDqt0okoZPOxmFsjR6Vb7fhfshWIbiXqxB8VOqLXqJoaq868CT8XpwL0IZCDZbKxM48gooFvoeC2npphWvGGfpJVcXZvosx93zxohrYzybrZdzSNk_b-_A5MdFeWaSzjIeCGZofx0VFstJ6RyNcnQl_YL_UuNo45fnZ6esJnmuffTXqmuS9Wu3v24AdLiW9F7_DxU0ABpx0B85phT2hnt-lo4smARd63Ld1ZOhs5PM1XsxzHTOIBePR1s-TbndK5DvjFbtRbLKs0f3EuGxjm9aO7xrMP46Gyhy7oQDBvfbUiChuPvn2PC1-tSorw9yVJpYruSsWTVw4ascnmw9Yjy8kRzEeKkoKSV_b5E1R7sVgF-iWfZvCJemCd5HdhWICj0dsDJYkLrEe0vhpjGmH0Qq6mmCn0A3--WwD6L9TFd33WhohuWz-L-5TGpmYfe8JPAmBTfLu8kw1X_r_KmDsFbZ52ehRGP-CXTSAWBItoneAaCO-BJIYRq8FUfqn4LVWYSyQVop7JKxxMzsY2CVrfbrM44861glrNH29sbQUxtCySPfHo6HedCCQ1VzuZtz5SuGzZ81UZyUQcRZXXR2tgojSE2jN9dJTzt-evEmKpdBXOoizO8GJj_118aD16h090sFQ_UeyFGWcFsk6T0IiaLjf_V4AOI2wb-RCtFUNd4uqfC-GxbUi5jJIWvr8qXSX4zViYHfQLAMf6S8HxNw-Zk5VY57HwNgJ6l
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 23:28:22 GMT
generate_204
tpc.googlesyndication.com/ Frame 571C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-yrogQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
widget.73803a8d9d4f3ba312b4.js
c.bannerflow.net/scripts/ Frame 9206 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuGzXaAm5iiFfXf8KjMavMCCpaRa2OT_7rquPV1Ua9o-nN_7KUIbDIcwpNsGOWATgaG-zSW7-ReCKTO19hHZN13mLaSqWAvyt7Z0TLw3SklXL6x-imrdPfgaD6GUDotWZ2UXBffSHUp-8Mt5GHWV724Lq7G7t7cCDAVTdVfE7oBQyNrqVUpwbwhAmC8QmMBomUQ4TGo2wFl57LGaFDjDqCIlbx0nhR8LyjY_rwBUqzi0XWtrGFJG_m-TgJtXILYHvxKKzVD6CNQVjtYo-GYHVELu-jRQZgAv3G3so-9-9Mp35D1dZ2sYFTwQNJQgFcZ8XmcDh6kgW5Whh_hyjr2FErDiKaB4JcwG7RPMBDcDFfPpLKeYO1I_0DOPJF9sTqaeh5gBwDh_ukWgbNJIPnSz1s_oa10vKO_2hcMtZwcRp0GGUAbBrBtdycOrClK3RmF2J5PdA26Lfhm-Henu0_nedxXDXK83_EdIZP-iOm_EtNwiwJL9oDfoyTooIrWR0YS-Qd4-EUyPMUy9x2R1rPvxSDMKOFtF2jCAIC7iGOlv4fQwgwLoaG3SDk_yIB3B2XhL2PwspriHIj9aT3QhauqAC8jEzm5lH98vhN3rUAr_dyYHAyxWtDOxk4ubQlYHdSGozOu--64NrAaZ0T_te4ckuSzUE2k9K4YZsa0b7rFmB09vrIx7oGVx83gDqucAX3olAHwDkd1-qk5NyAyy3ALCdOrDrel9zHYXndeqIGuMdqR-WaqUWT4bB6_NGrI5M-2SYsXuH3_b8Ni12QgAUO492Farj7KQ3MrgB70fdbHrj309ETCN3iCQjRq5tEm1jWjeHUYvSNP4yESythBeIufyABookXpaKU4XI9HhrBTEtiFc30AL3u5jUVuXc6guC3NuBKPn8P8438Zbm1Tvfdo9McV3DmSG3tvbqXvV7lGTacqnLM7VYz5_F-nP9TnQf_KylOJyLVyhABkLX4O_ND3sH4fs27HBYbIUvHBB2khWkXaxK-HvtLTOfKjaMuG9bqs5So1lm1CGC35R9yAFRcs_tfYm1mRg0qCqw5y4DXF5gk73YK5iBuxmW7qiK4r0juk_EXqb70W8uAZZAUFNiV9qOlWnDDWY7-XWWrTnUK5KxdsPOCIDc8DwZBMTIwctzlPKuF9JdNHWS1_VV2pBhzZjh7YdntN2dxDWjE5n05EiqMZaHxgrRonUKgdhdjN85fBSEVEGB1IH3sF-yqt7iO_KXYNaVPrhnoBERnPjJrMPk7lJ6T4cFkq7jLDFn8WytrFwFARkpjv3M_oJWelKBL14sIerY-B46YoAWQseRV-ZhRKD6BeWRFw0TMvxstOWCmVLcU8lb_bJrQzHOb64wygyO2CDpJYDzdqcLWQRQf6YAxCLo9v0fWpTADskAu-2v5J56VCg49Uoij-T3oukl3B2TBcjaiYsl_oHKoDW7G2jyWWuF8BxXqDGgjV2QId01v3kk87Adk1cc_ieuX8S0MWPdXUD0EtFpmyFocdKl65Y6hFUCiqWCWCptKQwjqrM5v-f6YgRQClwbkwT_VVgq85q05EOw7JEEiGoaHqaB54%26sai%3DAMfl-YSedwVIxfrtceO_oHNgrG5liERJYJsljBLIUP1GAZh--vnfjMe00KYbdGJ68WWCr_gbP1EX9MMV9uPxq52CD0cPfcU-0Tu0RxeNaeDx9wR-4yuMAKu91S1OzdoSfJSWGQscjsIsW09dz34tJsV2Ba5JeTj6GY4DHO3OnAgSjORIgFCqixcJMGw8J1DIG6w_e5BkKMK-06eTqZ9MaogvwqcpwHKYkqiVjP3XcwJAlm6lfhlzhjdD2uCNhBz-fpEv5PGWx_OAZsiSEh057RQiuAL7L0JuKuPUPrOQCInGvw%26sig%3DCg0ArKJSzIrfnjZME8ViEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285989_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
kV2TaSme3zjoMC7eKEPqvg==
age
1442016
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 05 Apr 2023 08:06:09 GMT
server
cloudflare
etag
W/"0x8DB35AC9D3707B1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9f892b23-901e-0060-2090-0c91b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827bbfee5fdf9b77-FRA
document.000000113A6B2E.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195010/5405215/ Frame 9206 		59 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4195010/5405215/document.000000113A6B2E.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuGzXaAm5iiFfXf8KjMavMCCpaRa2OT_7rquPV1Ua9o-nN_7KUIbDIcwpNsGOWATgaG-zSW7-ReCKTO19hHZN13mLaSqWAvyt7Z0TLw3SklXL6x-imrdPfgaD6GUDotWZ2UXBffSHUp-8Mt5GHWV724Lq7G7t7cCDAVTdVfE7oBQyNrqVUpwbwhAmC8QmMBomUQ4TGo2wFl57LGaFDjDqCIlbx0nhR8LyjY_rwBUqzi0XWtrGFJG_m-TgJtXILYHvxKKzVD6CNQVjtYo-GYHVELu-jRQZgAv3G3so-9-9Mp35D1dZ2sYFTwQNJQgFcZ8XmcDh6kgW5Whh_hyjr2FErDiKaB4JcwG7RPMBDcDFfPpLKeYO1I_0DOPJF9sTqaeh5gBwDh_ukWgbNJIPnSz1s_oa10vKO_2hcMtZwcRp0GGUAbBrBtdycOrClK3RmF2J5PdA26Lfhm-Henu0_nedxXDXK83_EdIZP-iOm_EtNwiwJL9oDfoyTooIrWR0YS-Qd4-EUyPMUy9x2R1rPvxSDMKOFtF2jCAIC7iGOlv4fQwgwLoaG3SDk_yIB3B2XhL2PwspriHIj9aT3QhauqAC8jEzm5lH98vhN3rUAr_dyYHAyxWtDOxk4ubQlYHdSGozOu--64NrAaZ0T_te4ckuSzUE2k9K4YZsa0b7rFmB09vrIx7oGVx83gDqucAX3olAHwDkd1-qk5NyAyy3ALCdOrDrel9zHYXndeqIGuMdqR-WaqUWT4bB6_NGrI5M-2SYsXuH3_b8Ni12QgAUO492Farj7KQ3MrgB70fdbHrj309ETCN3iCQjRq5tEm1jWjeHUYvSNP4yESythBeIufyABookXpaKU4XI9HhrBTEtiFc30AL3u5jUVuXc6guC3NuBKPn8P8438Zbm1Tvfdo9McV3DmSG3tvbqXvV7lGTacqnLM7VYz5_F-nP9TnQf_KylOJyLVyhABkLX4O_ND3sH4fs27HBYbIUvHBB2khWkXaxK-HvtLTOfKjaMuG9bqs5So1lm1CGC35R9yAFRcs_tfYm1mRg0qCqw5y4DXF5gk73YK5iBuxmW7qiK4r0juk_EXqb70W8uAZZAUFNiV9qOlWnDDWY7-XWWrTnUK5KxdsPOCIDc8DwZBMTIwctzlPKuF9JdNHWS1_VV2pBhzZjh7YdntN2dxDWjE5n05EiqMZaHxgrRonUKgdhdjN85fBSEVEGB1IH3sF-yqt7iO_KXYNaVPrhnoBERnPjJrMPk7lJ6T4cFkq7jLDFn8WytrFwFARkpjv3M_oJWelKBL14sIerY-B46YoAWQseRV-ZhRKD6BeWRFw0TMvxstOWCmVLcU8lb_bJrQzHOb64wygyO2CDpJYDzdqcLWQRQf6YAxCLo9v0fWpTADskAu-2v5J56VCg49Uoij-T3oukl3B2TBcjaiYsl_oHKoDW7G2jyWWuF8BxXqDGgjV2QId01v3kk87Adk1cc_ieuX8S0MWPdXUD0EtFpmyFocdKl65Y6hFUCiqWCWCptKQwjqrM5v-f6YgRQClwbkwT_VVgq85q05EOw7JEEiGoaHqaB54%26sai%3DAMfl-YSedwVIxfrtceO_oHNgrG5liERJYJsljBLIUP1GAZh--vnfjMe00KYbdGJ68WWCr_gbP1EX9MMV9uPxq52CD0cPfcU-0Tu0RxeNaeDx9wR-4yuMAKu91S1OzdoSfJSWGQscjsIsW09dz34tJsV2Ba5JeTj6GY4DHO3OnAgSjORIgFCqixcJMGw8J1DIG6w_e5BkKMK-06eTqZ9MaogvwqcpwHKYkqiVjP3XcwJAlm6lfhlzhjdD2uCNhBz-fpEv5PGWx_OAZsiSEh057RQiuAL7L0JuKuPUPrOQCInGvw%26sig%3DCg0ArKJSzIrfnjZME8ViEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285989_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954b3fda838a7666e6e9df9d3f856f317e0ac130bf5e8778b12ba575fdebf729

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
fj9TKMb8k2zUCJKOQvRd2Q==
age
148371
cf-polished
origSize=64303
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 17 Apr 2023 10:52:51 GMT
server
cloudflare
etag
W/"0x8DB3F31E413B058"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3c5d085c-001e-0000-3d54-18d5d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827bbfee5fe09b77-FRA
animated-creative.a3eb65849827099c4ed2.js
c.bannerflow.net/scripts/ Frame 9206 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuGzXaAm5iiFfXf8KjMavMCCpaRa2OT_7rquPV1Ua9o-nN_7KUIbDIcwpNsGOWATgaG-zSW7-ReCKTO19hHZN13mLaSqWAvyt7Z0TLw3SklXL6x-imrdPfgaD6GUDotWZ2UXBffSHUp-8Mt5GHWV724Lq7G7t7cCDAVTdVfE7oBQyNrqVUpwbwhAmC8QmMBomUQ4TGo2wFl57LGaFDjDqCIlbx0nhR8LyjY_rwBUqzi0XWtrGFJG_m-TgJtXILYHvxKKzVD6CNQVjtYo-GYHVELu-jRQZgAv3G3so-9-9Mp35D1dZ2sYFTwQNJQgFcZ8XmcDh6kgW5Whh_hyjr2FErDiKaB4JcwG7RPMBDcDFfPpLKeYO1I_0DOPJF9sTqaeh5gBwDh_ukWgbNJIPnSz1s_oa10vKO_2hcMtZwcRp0GGUAbBrBtdycOrClK3RmF2J5PdA26Lfhm-Henu0_nedxXDXK83_EdIZP-iOm_EtNwiwJL9oDfoyTooIrWR0YS-Qd4-EUyPMUy9x2R1rPvxSDMKOFtF2jCAIC7iGOlv4fQwgwLoaG3SDk_yIB3B2XhL2PwspriHIj9aT3QhauqAC8jEzm5lH98vhN3rUAr_dyYHAyxWtDOxk4ubQlYHdSGozOu--64NrAaZ0T_te4ckuSzUE2k9K4YZsa0b7rFmB09vrIx7oGVx83gDqucAX3olAHwDkd1-qk5NyAyy3ALCdOrDrel9zHYXndeqIGuMdqR-WaqUWT4bB6_NGrI5M-2SYsXuH3_b8Ni12QgAUO492Farj7KQ3MrgB70fdbHrj309ETCN3iCQjRq5tEm1jWjeHUYvSNP4yESythBeIufyABookXpaKU4XI9HhrBTEtiFc30AL3u5jUVuXc6guC3NuBKPn8P8438Zbm1Tvfdo9McV3DmSG3tvbqXvV7lGTacqnLM7VYz5_F-nP9TnQf_KylOJyLVyhABkLX4O_ND3sH4fs27HBYbIUvHBB2khWkXaxK-HvtLTOfKjaMuG9bqs5So1lm1CGC35R9yAFRcs_tfYm1mRg0qCqw5y4DXF5gk73YK5iBuxmW7qiK4r0juk_EXqb70W8uAZZAUFNiV9qOlWnDDWY7-XWWrTnUK5KxdsPOCIDc8DwZBMTIwctzlPKuF9JdNHWS1_VV2pBhzZjh7YdntN2dxDWjE5n05EiqMZaHxgrRonUKgdhdjN85fBSEVEGB1IH3sF-yqt7iO_KXYNaVPrhnoBERnPjJrMPk7lJ6T4cFkq7jLDFn8WytrFwFARkpjv3M_oJWelKBL14sIerY-B46YoAWQseRV-ZhRKD6BeWRFw0TMvxstOWCmVLcU8lb_bJrQzHOb64wygyO2CDpJYDzdqcLWQRQf6YAxCLo9v0fWpTADskAu-2v5J56VCg49Uoij-T3oukl3B2TBcjaiYsl_oHKoDW7G2jyWWuF8BxXqDGgjV2QId01v3kk87Adk1cc_ieuX8S0MWPdXUD0EtFpmyFocdKl65Y6hFUCiqWCWCptKQwjqrM5v-f6YgRQClwbkwT_VVgq85q05EOw7JEEiGoaHqaB54%26sai%3DAMfl-YSedwVIxfrtceO_oHNgrG5liERJYJsljBLIUP1GAZh--vnfjMe00KYbdGJ68WWCr_gbP1EX9MMV9uPxq52CD0cPfcU-0Tu0RxeNaeDx9wR-4yuMAKu91S1OzdoSfJSWGQscjsIsW09dz34tJsV2Ba5JeTj6GY4DHO3OnAgSjORIgFCqixcJMGw8J1DIG6w_e5BkKMK-06eTqZ9MaogvwqcpwHKYkqiVjP3XcwJAlm6lfhlzhjdD2uCNhBz-fpEv5PGWx_OAZsiSEh057RQiuAL7L0JuKuPUPrOQCInGvw%26sig%3DCg0ArKJSzIrfnjZME8ViEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285989_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9145a1b5941a698cff3ad558184cd813710a61ea765201ee9465fd2cd8cae663

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:22 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Js5dw7R7Itopo9K+HMhbDQ==
age
1439802
cf-polished
origSize=159709
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 09:04:44 GMT
server
cloudflare
etag
W/"0x8DB3BFE201FAE72"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02a73093-501e-0032-0995-0ced51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827bbfee5fe19b77-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77E2 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdT-uFfdXZezsM_Dbx_APxcKSqA8AAAAAOAHgBAI&bg=!uLulu_TNAAZxrfrxUa07ADQBe5WfOAsVxcGwcW7Ymet6qXYPRDdXMZfcqysikviSHnIlJWkq7GCdOf0wAqiejzUXM_nPAgAAALBSAAAABGgBB5kDC0VfZx1WsMW8gat55-Yd6yJq3D-t6VaVlRKfLJcEXlQ6K6VzAqhroL3ivhci6DsjIf4MReB4Zsg_LeEV2U4LH-OWeozZ5dIfqIJrMsrM-NyDsQ-TqvWWam5FfpBgPG4nsst53QkYi52kIBetZc25igPG9qX8Azq1K65uNQ3y46TfcvDCrTTWMnpyGJVzkzPA27ejT7KqhXdB0KeGjipY-2IlyhjYmGhWGfNKc9aUQBNZ1o61ShEEoc9G-9u-VGP301sx9lqy3Sb_6Om5kLZ03snzQF2qnZULepWxLYma7BtLxqmOiA28PY0M-EzFr_wA5uAJdDwFvIZy0pOmPKDCSMAZitZZvZRCwTxcmK6gmxow6djTkfVXDZxpVcaRrV7L52BJqTrnoUNigmwjuJDeygVh_atRJD7VOs1xo4cFnC-nt845o99apwHdqD6zyhMk1ErqiZZUkHJoFRyFaJ7w_4kjqJszSWwhk4S76pkuEOcCnUA-e4jaqARqOUwF3kNpDnKmuF8OR__LzET0aXdUcLCtjNJcww-D4WViD97MRqy6CkQ7eRNFTXZnDR0b9bcLVFfsTEChicGzgp6j-CNV7NzqAas5VwN4_WlIjei7lf8R4z_LC6KfTca6nd0__araQYRoKgFF7qmndXoo331VtNGjuttViX7Z-EUg9F5dEqO0MumiD2pm0yQVnuYTwPf-KQrUebPh70t4vka9yF70avMDHUvIJzq-YWNeTmJAMmXl6hOvZb99l0uHRzdXBmO9-MjFhnS92NsHUM9ygJ9Ii898IkI5BdgPLXZ3cPOowJfW2SYpjfn0qQ1JNYphx-O_cNWo6c48RO4QFbkPqyR0JZvoEtxwHiH2tNAh1Sldjpfwbsm6OtsjeLdOSOBNiiGb9brj00nHHqmFVmLulDaLCOZzexNtBSeRI1-CTFUjE5RXs19y62ZZzO7ynjLx2l_BOl_m3jysKfnCjmbsCBoPl5x4rqcW-ZSOa5vd0RQhLiIF_md8iPXof0UlHkO_EtWlkysvvpdT8UW_ah5V
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700263702943&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1573&pt=-87615671&tz=60&viewable=true&ddast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1453
x-cache
MISS
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1700263703.957189,VS0,VE46
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame A479 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp393x6e&c=4811963659438&slotId=2405981829719&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=0&ytext_hd=1&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame A479 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp393xk6&c=4811963659438&slotId=2405981829719&qqid=CKWSlvCXzIIDFcI6BgAdvxwE5g&gqid=FvdXZebYJpeEhcIPq6iTiAk&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44808026&met.4=ghmsh_s.lp393xk9~ghmsh_s.lp393xka&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=pqU3DTAHoSKJDIhG
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame A479 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-1290995901905588
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:44:05 GMT
x-content-type-options
nosniff
age
2657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 23:34:05 GMT
APkrFKZIpOhEBpufzHk3Pip4thK8OdwgZlSwtvZqa04BFpA=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A479 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKZIpOhEBpufzHk3Pip4thK8OdwgZlSwtvZqa04BFpA=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6fe1b5bd483c75cafe748e183c27438200d8d19f50fbc6498c57b51830add138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:38:07 GMT
x-content-type-options
nosniff
age
10216
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1351
x-xss-protection
0
server
fife
etag
"v4bdd6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 18 Nov 2023 20:38:07 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame A479 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CSbhVFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBM0DT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o8szDXGgAvUBeBLMD9sjBDG0MNbovsd12pIVTB13NchDW3b96NB5RX9jvKQLM4M5q-FzjT0yKoikapQ59NO5fABNKG_r6yBOAEAYgFyfm9uE2gBlSAB5nm8rMCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqxCe1X6RmtUVJCgAoDmAsByAsB0AsPogwQKg4KDOS0sQLutbECtbixApoNAQ-qDQJDSMgNAeINEwi2lZXwl8yCAxXCOgYAHb8cBObYEwLQFQGYFgH4FgGAFwE&sigh=HXYcJ_2Xoyw&label=show_ad
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame A479 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CB2OyFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBMoDT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o86zE9FS5d1QMT4XQpwK6XNsuwTDxREYMGNopG0VRWQTycd04dorbgaYnkbqvszy2pybUQ_Q6wRcdlMQHABNKG_r6yBOAEAYgFyfm9uE2SBRAIEhAFGA8wnZKziKGavYtboAZUgAeZ5vKzAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQjNACqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCTdodHRwczovL3lvdXR1YmUuY29tL3dhdGNoP3Y9V3hiMDBoRU15UjAmYWJfY2hhbm5lbD1ORFRWgAoDyAsBogwQKg4KDOS0sQLutbECtbixAtoMEQoLENDvioeG5tH8gwESAgED4g0TCLaVlfCXzIIDFcI6BgAdvxwE5sITBhjPmY3MAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi01ODU1MTQ5OTk4OTAzOTc2GLuJdg&sigh=r7GtCSOjIPY&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwDICaaNX1IeyxRfD8kNm6Hap837uKxViGkT8KgmDG9MJYBsUi6V5-sZcoOtxtJaAss2er1ZnUvaX3dyGAE&vt=10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 9206 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
e5653024-f932-472b-b3cf-cde8bf356bca
https://s0.2mdn.net/ Frame 982F 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/e5653024-f932-472b-b3cf-cde8bf356bca
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.a3eb65849827099c4ed2.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f2008d0e30ad67420881cefbb6a51423caf6bf3e06b8c42e24cb5ab4c66115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12363
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 3E68 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:22 GMT
server
Kestrel
server-processing-duration-in-ticks
326062
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lp393vzn&c=4811963659438&slotId=2405981829719&eee=missing-element&bi=missing-id&faa=1&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F8BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss74R0LEk8S6lG2RGP8D2FvljWmhDwApobOz3kFfvt6ZeoTFLsG3LFjtJhyEAZNeOvo96hwjHaf1idfcFc75aHohtrH_Q6vyOg-X-9p8fs6CrJZ99WJg91RufvzVYWqJL1aNvMLvXuYdA&sai=AMfl-YTbTCkR_EvOq3FxXzN8KlRoe6-0Rj2qDKwOmbptXBkSuiuo5uZ-B79FEmw7NpyjuBwN7HxEgYnetfSkyH7FDz9lsiEtks8Swp3vE3cepqPgbqs8CxDoCsJrnvs&sig=Cg0ArKJSzIeqTd8p76Y9EAE&cid=CAQSOwDICaaNenLNWjULoOSx9ZfWg57BNHcFaVU6RfXQUVw_cEdSNFn428AXA_X80h1ORO5JjaOTY9mcZmLxGAE&id=lidar2&mcvt=1067&p=1110,436,1200,1164&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700263701464&rpt=531&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr4---sn-1gi7znek.googlevideo.com/ 		6 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-1gi7znek.googlevideo.com/videoplayback?expire=1700292502&ei=FvdXZbbeM4O-mLAPpr2FgAo&ip=2001:ac8:28:5e:2f7::1&id=5b16f4d2110cc91d&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=NM&mm=31&mn=sn-1gi7znek&ms=au&mv=m&mvi=4&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=641.311&lmt=1700135917962025&mt=1700263279&cpn=pqU3DTAHoSKJDIhG&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRQIgX6CGuakqzmKkPyWMlfEkw7-elduf9BxwLmYvsRY055oCIQCh2qNVUatef9kBednISKlSgdjNvbw5XSuyrj4tPDbfLA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAJUy556Q7cuK780WTlKdEJlUSugfkj-MpmVF8k-FeuHBAiAsn6pAqqS6dM5Yf2OC4sfvmadvqaEpaWUhtxp8mruu8w==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a::9 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Nov 2023 23:28:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 Nov 2023 11:58:37 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-106307956/106307957
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
106307957
Expires
Fri, 17 Nov 2023 23:28:23 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 9206 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%21%25.089ACDEFHIMSVZabcdefghiklmnorstuwxz%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2424957407877660672/CH-DE_interest_rate-1-DECH-728x90-638330445206768758-a8731108-9fa3-40c3-89dc-1ceef44a5f3f.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e8c7d3073323999fe53c569dfafda5e3692fea3052b74f7c99a3113e9511ab

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
HIT
last-modified
Sun, 12 Nov 2023 05:48:19 GMT
server
cloudflare
age
495604
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827bbff0e80d3829-FRA
expires
Mon, 11 Nov 2024 05:48:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 23:28:23 GMT
sid
mug.criteo.com/ Frame 3E68
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=7Pyi2Xw3WkJ5ME9HUDBvYllHRk55RFpQU1dMVmRlVWdiUkp1d3FGQVVlcllJRHRTUTZYdVZGSkFQY0sxZzZwZWM3WXRoV2w3RmVxVEk3VmIzSlZrWVhJYmNwRWhTVlhTL2dua204OHQ5RVBncVlXemRzUUlVeHVEQW9Hbn...
443 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7Pyi2Xw3WkJ5ME9HUDBvYllHRk55RFpQU1dMVmRlVWdiUkp1d3FGQVVlcllJRHRTUTZYdVZGSkFQY0sxZzZwZWM3WXRoV2w3RmVxVEk3VmIzSlZrWVhJYmNwRWhTVlhTL2dua204OHQ5RVBncVlXemRzUUlVeHVEQW9HbnNxMFRqNWwvZmtYUjZ2VVhsMmJ6cFFjQ2kvbWNSM3o5d1dZL0FBT1FLbUpUMWxVaVV0QTZDRzZSeThCMDJNU3kxR3c5bTlGZ2VmRzJjZ1ptOXRPRFlxaFFsK2c2WGlZTUNGWFIxekpOYlR4RjFvanRnQ3EyRkZRYk0vUnJGRGFFaGYyTXJCZm9KcS9MT1VaNXBURjRFdFJmcUZwckpnZz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b1614c6b4dbe59afe8f9f517b05f66426492ca6cf75e8fa416774aa1fae83d35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2102120
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=7Pyi2Xw3WkJ5ME9HUDBvYllHRk55RFpQU1dMVmRlVWdiUkp1d3FGQVVlcllJRHRTUTZYdVZGSkFQY0sxZzZwZWM3WXRoV2w3RmVxVEk3VmIzSlZrWVhJYmNwRWhTVlhTL2dua204OHQ5RVBncVlXemRzUUlVeHVEQW9HbnNxMFRqNWwvZmtYUjZ2VVhsMmJ6cFFjQ2kvbWNSM3o5d1dZL0FBT1FLbUpUMWxVaVV0QTZDRzZSeThCMDJNU3kxR3c5bTlGZ2VmRzJjZ1ptOXRPRFlxaFFsK2c2WGlZTUNGWFIxekpOYlR4RjFvanRnQ3EyRkZRYk0vUnJGRGFFaGYyTXJCZm9KcS9MT1VaNXBURjRFdFJmcUZwckpnZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
252273
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D9DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3634275245084312&bg=!r6ylrOPNAAZxrfrxUa07ADQBe5WfOF9JQMn0RpomA9g_5wlUpkWn-NBaqFLGpwqDw1FHHBCEfTLCCVhxHtPNTX1t0oyFAgAAApJSAAAAA2gBB5kCyBIgXp9Ag3fqgfNSZoFIsNC0Tkvk4HSsEUc1wVHyPqqnmDZ_JJ02cx-qsDvpj8rN5jKzUWfjrt7ewDcCge-gU5qrSwdyWXUayuTZlVJGauWSSb0DVf2gxH8-AWJ0AgLAOkZOOhuOSCOYi4gREZu7zBJPVAaJmEmzgixUQ1Ihnrscw8gjDqti3K_zJ6dvtGwnujvp2iEZ7dzr1p2VULZGaC_q9C_x2n32IddhhDjNS6rrqxkZeSKwzY0eRlB7O3plw2IODVZmQzEWD8LCVuQCTE7M8IE7VdAOJW7Y13Ks2M859_ZaTCAuWo0inUjooPdRlnHN1AZ9mT3Ol_KhlZmWzq9FDJhx1rqOIHBEGgkcsfdyzBOnvGDuxU95hNWPpAt_j9mDn_1RwgvGUd7h6kra2cRMGe1IKFOouEw4zBsZsMHElMmuPpP7gPnGKgJBpNuFae0DI7Wnlw0BSyjzEFFGu9ZJtscbA5T9mQzVYegRk-DTKH8ZIGTyoraqof9Ii3B9f_AYNDug94Kyv94u-EKIId8BXW2pQCSorArG8VmY1enKJEZn31OtAnpFkjMHtZNpUhGo3rQveIfu6Pi2QD630voLOH_ZNT0FwgZoa_ZLbLD1FmejVE28pgthQ6CORQL3QoV0DEf6bkCjebC6B0W1v3bmKbS2UCS1VM6A_lPaN2B0_xBw9p-1CW2AxnyIjfslPw93kXTw_ubz1EgfoDBN1fV_8F8EI3oNE7WBQD5WuDq851rIbyb-1dtbpWrwB_YpTqjB2ECUvMLIirONN6pvejpygV88GmMqr5AVQhToFTzb7ySTgbV6-jls8kPgokHmf70lYLFUzDviL27Oos2-Y6ZaqHeujJcFsCohWUni8nNzHkS4Aq-VN6WAuwrNizi8dP1pygyoJ3LPJdWqf7Sm23rTAT3KlI_lyZIWO_61ZgnFc7ddY2Av60Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0111 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3550
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 22:29:13 GMT
expires
Sat, 16 Nov 2024 22:29:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BB88 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bd8235d6430a736f712a6af5757906fe3b11aad0e565d914b4c25ad8204b0a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZSefmINkoWjM1PxX2_ljag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZSefmINkoWjM1PxX2_ljag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
Fri, 17 Nov 2023 23:28:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 0111 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
50611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 09:24:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BB88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2268578495133496&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame B374 		217 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
6073
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b985c3b5-201e-0007-79ab-12b9b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827bbff159fb9b77-FRA
064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame B374 		272 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C50rliIMDPE8SiFZGvsxQQ==
age
696
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:52:58 GMT
server
cloudflare
etag
W/"0x8DADDE2E4532F74"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0ed997b7-701e-0057-073b-157be0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827bbff159fc9b77-FRA
d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame B374 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o8BlfxpL6pDvDJmSY4p8ew==
age
3097
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 10:56:08 GMT
server
cloudflare
etag
W/"0x8DAA6C03538AA86"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
6be6b51a-001e-002f-73ae-16d818000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827bbff159fd9b77-FRA
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame B374 		151 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
1721
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
93532f44-a01e-006b-29e5-155227000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827bbff15a039b77-FRA
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame 3BAD 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.73803a8d9d4f3ba312b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:507e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
461
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
277b6c06-a01e-0055-567a-0c0289000000
x-ms-version
2014-02-14
cf-ray
827bbff2cbad65d0-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8BC 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=671176202785&version=m202309260101&ct=76&x=1&cor=4735922097654297000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AC3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=223067076498789&bg=!enmleTbNAAZxrfrxUa07ADQBe5WfOLsCHuQ-Upr-kVej5WxQXPyG1G2c0IYoNQGFDkgwk7M1GZuyecXJBJXz1AH4RraUAgAAAIBSAAAAA2gBB5kCzAINWi04o9oYB2qOOQNrm7L1aGTAslsqJyR5_9zTnwjVFDvbVory_tDOVb6YcihStYOH6QHNdTQt3qCuinHMUOlJKwebEPoV54xuN45DJAc--6-o7J06tft8n3E5KgHpEwcf83GoP78H8x72pdV-J4tNRNY1uQBvCN7H_3NNl-PzpAc2MdbfyhXPwBoe-nu04X6ukiacMVnzT0ueLw4oiEqenRCxR6BLqaszTyXUBEF-WDA_CsmN2jTXUjs2ntd0YhDuy2ds6A2ML4kwW4y-mD5UrWQcVZbnNuqBHDcY0FTpYAk9ukZB5b0mUjD5_oZ9LU670e1pASXdW4T8ysH4PU17Z08KbJuRMOk7AQ6Vln0cPrj49Hrp2QHVX7cA_0DunrviueE3VJWAqsd8YFaOxB4m1w76uvWwfZlNOuAOpM8YrpY51WPtjkJ6gtYjhg3Z74w8M1qsf1Du9tf1O4o4t64WTWnS7owa0YjuIf0Oz5COfXcib2eRIJmWEtI1pDnHZvvVvbqU24JHmkT5NFoRuOezHgqdOJqBaPno6-hlxdXvem6PaqKPU_c1J20Y-xL4fVK3lOjyjZt_TKkmZkN_paBVnVhgzC1ZPQESIDqJMWy_QlW4xC0lb4siOtKkZWmU5nUSyrPUYYKZahNAMKAxtcOe9NcDCXQ7Bj3TXhFrBT9M2flk9F9UUSlWJOAGotdxHEwhGaHzkTPv0_4oqa1WjiVIqIaNznCc-FqNjt83fZLmlqVhang0zT2hgSKPH4cyb0d1lPALCMpiwcdOUNY5ZFyxBWs1OLAID1KAE-5TqpnGMW_uWunxI1BzoJD5rnAcFToCuI_T5dA9N5DeSoCZcYT3fEClRtjEfy3ufAmSGXfB9-OOMoz0-vpMFoRgL1Gl7silHqON50CM4WhUsjwdLH_dMLINCv63vRYzxT0dlUCL2lSIIxwhnXpasFJ3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/usync/ Frame 6814 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700263700273
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1700263703447
  • https://ad.turn.com/r/cs?pid=45&rndcb=1611320593
  • https://sync.1rx.io/usersync/turn/2929884510537599797?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-606259ae-6f51-4f37-813b-009fea21eac2-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-606259ae-6...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-606259ae-6f51-4f37-813b-009fea21eac2-003
43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-606259ae-6f51-4f37-813b-009fea21eac2-003
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-606259ae-6f51-4f37-813b-009fea21eac2-003
date
Fri, 17 Nov 2023 23:28:23 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX606259ae6f514f37813b009fea21eac2003
content-type
text/html
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7302576998970161295&gdpr=0&gdpr_consent=
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7302576998970161295&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:22 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7302576998970161295&gdpr=0&gdpr_consent=
Date
Fri, 17 Nov 2023 23:28:23 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2555110911558640958&gdpr=0&gdpr_consent=
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2555110911558640958&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
an-x-request-uuid
dda63a6a-4911-40e5-9fd4-bdfcf6300b14
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2555110911558640958&gdpr=0&gdpr_consent=
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
9.gif
id5-sync.com/i/102/ 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 17 Nov 2023 23:28:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA==&gdpr=0&gdpr_consent=
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame A479 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CSbhVFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBM0DT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o8szDXGgAvUBeBLMD9sjBDG0MNbovsd12pIVTB13NchDW3b96NB5RX9jvKQLM4M5q-FzjT0yKoikapQ59NO5fABNKG_r6yBOAEAYgFyfm9uE2gBlSAB5nm8rMCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqxCe1X6RmtUVJCgAoDmAsByAsB0AsPogwQKg4KDOS0sQLutbECtbixApoNAQ-qDQJDSMgNAeINEwi2lZXwl8yCAxXCOgYAHb8cBObYEwLQFQGYFgH4FgGAFwE&sigh=HXYcJ_2Xoyw&label=video_ad_loaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0111 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iC7ilw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
pubads.g.doubleclick.net/gampad/live/ Frame A479 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CB2OyFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBMoDT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o86zE9FS5d1QMT4XQpwK6XNsuwTDxREYMGNopG0VRWQTycd04dorbgaYnkbqvszy2pybUQ_Q6wRcdlMQHABNKG_r6yBOAEAYgFyfm9uE2SBRAIEhAFGA8wnZKziKGavYtboAZUgAeZ5vKzAqgH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQjNACqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqaCTdodHRwczovL3lvdXR1YmUuY29tL3dhdGNoP3Y9V3hiMDBoRU15UjAmYWJfY2hhbm5lbD1ORFRWgAoDyAsBogwQKg4KDOS0sQLutbECtbixAtoMEQoLENDvioeG5tH8gwESAgED4g0TCLaVlfCXzIIDFcI6BgAdvxwE5sITBhjPmY3MAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi01ODU1MTQ5OTk4OTAzOTc2GLuJdg&sigh=r7GtCSOjIPY&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSOwDICaaNX1IeyxRfD8kNm6Hap837uKxViGkT8KgmDG9MJYBsUi6V5-sZcoOtxtJaAss2er1ZnUvaX3dyGAE
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame A479 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413708
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:33:15 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame A479 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CuYnbFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBMoDT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o86zE9FS5d1QMT4XQpwK6XNsuwTDxREYMGNopG0VRWQTycd04dorbgaYnkbqvszy2pybUQ_Q6wRcdlMQHABNKG_r6yBOAEAYgFyfm9uE2gBlSAB5nm8rMCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMItpWV8JfMggMVwjoGAB2_HATm2BMC0BUBmBYB-BYBgBcB&sigh=64IbZrFhrhQ&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=vast_creativeview&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame A479 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CuYnbFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBMoDT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o86zE9FS5d1QMT4XQpwK6XNsuwTDxREYMGNopG0VRWQTycd04dorbgaYnkbqvszy2pybUQ_Q6wRcdlMQHABNKG_r6yBOAEAYgFyfm9uE2gBlSAB5nm8rMCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMItpWV8JfMggMVwjoGAB2_HATm2BMC0BUBmBYB-BYBgBcB&sigh=64IbZrFhrhQ&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=part2viewed&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
www.youtube.com/api/stats/ Frame A479 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=30&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=641&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=pqU3DTAHoSKJDIhG&docid=Wxb00hEMyR0&visitordata=CgtYdlcwWktVaDRVUQ%3D%3D&of=2e-IUYojme_tHuiri3VlyA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame A479 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CuYnbFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBMoDT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o86zE9FS5d1QMT4XQpwK6XNsuwTDxREYMGNopG0VRWQTycd04dorbgaYnkbqvszy2pybUQ_Q6wRcdlMQHABNKG_r6yBOAEAYgFyfm9uE2gBlSAB5nm8rMCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMItpWV8JfMggMVwjoGAB2_HATm2BMC0BUBmBYB-BYBgBcB&sigh=64IbZrFhrhQ&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=admute&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
activeview
pagead2.googlesyndication.com/pcs/ Frame AA7E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6Tl3qOzUGREo4i4vKDj1KaehK6gWmWMGGahW4DAE1eaYaP_b8lEDGdJhX_sdtxpXBmlpbXqWpNy8a53BRZn5GIwIGWhBGmml5bOb6O83QKfOxuoU7rqo4VhufmVm-&sai=AMfl-YRmsVfymdSthvhrY7SIxtG9w01i1Ylbb6Wv2iRC59K9e64FbVNgr18XCM7_sDi5mxGisZVWWZUYiDIPm9Nj20Nb_0uLn93SegbQIv7ekWOIZl1X7rmqSaztvKI&sig=Cg0ArKJSzFqznX0dlRzmEAE&cid=CAQSOwDICaaNonCv42U-V00sIxS6ShBUvzNkB12a227OL6ZaMDUVKNa-ovkijV3RNzk-BLoQTtbI6QvbZ5_UGAE&id=lidar2&mcvt=1036&p=60,450,135,750&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700263700973&rpt=1343&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205176
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
222076
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
58f9e59e59ed4539797a90553c00867b8ff0a1f2ddb9b3cef8c5420f45201d06

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 17 Dec 2023 23:28:23 GMT
/
onetag-sys.com/usync/ Frame 60F0 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700263700202
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 2A6E 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 23:28:23 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 6A0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 17 Nov 2023 23:28:23 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame 6C7B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.39.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-39-59.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
38869
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 12:40:35 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 329cb27be8d7871661ed5a94ecaacb28.cloudfront.net (CloudFront)
x-amz-cf-id
KHRIG0zzWl4w2P36LmR4qtLJAXQQea7ClAT9gOMkmfbfVNjZbw2VUQ==
x-amz-cf-pop
LHR50-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
csync.smilewanted.com/ Frame EE85 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff2c9975d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:23 GMT
server
cloudflare
vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame 4BD5 		653 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
69c73c3e4c15b4d41736526ca13fc8876f34d539fdfcccfeda247b4d14a3ee3c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
410
content-type
text/html
date
Fri, 17 Nov 2023 23:28:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 3736 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8529
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
Sun, 19 Nov 2023 23:28:23 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame ABEF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
343
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
827bbff33dbb2c65-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
Sat, 18 Nov 2023 03:28:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 96AF 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:23 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 25AC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53447
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 17 Nov 2023 23:28:23 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
453, 364703
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230137-FRA
X-Timer
S1700263704.564760,VS0,VE0
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame F952 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
26815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:01:28 GMT
expires
Sat, 16 Nov 2024 16:01:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 2A6E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 11:35:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43601
Connection
keep-alive
Content-Length
13230
Expires
Sat, 18 Nov 2023 11:35:04 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame F952 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
50611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 09:24:52 GMT
sd
us-u.openx.net/w/1.0/ Frame 4BD5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zHJuE5xwahDXJT4QwyF2E890PR3Xc2sRnibiPvlA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zHJuE5xwahDXJT4QwyF2E890PR3Xc2sRnibiPvlA
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=zHJuE5xwahDXJT4QwyF2E890PR3Xc2sRnibiPvlA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4BD5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=278540316111714368
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=278540316111714368
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=278540316111714368
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4BD5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=dbe54add-29c9-c764-23d5-8c4d7d7ed229
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4T4T5H0FS5GMT2NGGGZY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 4BD5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=833336a0-3563-7c9e-e3db-0eda154d19c9&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4BD5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY1Y2U1NmEtZmMxNC0yMjNhLWY2M2ItNTQ2M2RmYWZkN2E5
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4BD5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPbO6BoYRSY-2skzJzKDhAs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900026.redintelligence.net/ Frame EA49 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=21765500001811404438446012512026&a=0b7afbc2&vb=v
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=21765500001811404438446012512026&a=aa555b58
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=21765500001811404438446012512026&a=aa555b58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:23 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
c.bannerflow.net/tr/v2/pixel/ Frame 9206 		0
100 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652cf45a843eb9eeda7667d0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuGzXaAm5iiFfXf8KjMavMCCpaRa2OT_7rquPV1Ua9o-nN_7KUIbDIcwpNsGOWATgaG-zSW7-ReCKTO19hHZN13mLaSqWAvyt7Z0TLw3SklXL6x-imrdPfgaD6GUDotWZ2UXBffSHUp-8Mt5GHWV724Lq7G7t7cCDAVTdVfE7oBQyNrqVUpwbwhAmC8QmMBomUQ4TGo2wFl57LGaFDjDqCIlbx0nhR8LyjY_rwBUqzi0XWtrGFJG_m-TgJtXILYHvxKKzVD6CNQVjtYo-GYHVELu-jRQZgAv3G3so-9-9Mp35D1dZ2sYFTwQNJQgFcZ8XmcDh6kgW5Whh_hyjr2FErDiKaB4JcwG7RPMBDcDFfPpLKeYO1I_0DOPJF9sTqaeh5gBwDh_ukWgbNJIPnSz1s_oa10vKO_2hcMtZwcRp0GGUAbBrBtdycOrClK3RmF2J5PdA26Lfhm-Henu0_nedxXDXK83_EdIZP-iOm_EtNwiwJL9oDfoyTooIrWR0YS-Qd4-EUyPMUy9x2R1rPvxSDMKOFtF2jCAIC7iGOlv4fQwgwLoaG3SDk_yIB3B2XhL2PwspriHIj9aT3QhauqAC8jEzm5lH98vhN3rUAr_dyYHAyxWtDOxk4ubQlYHdSGozOu--64NrAaZ0T_te4ckuSzUE2k9K4YZsa0b7rFmB09vrIx7oGVx83gDqucAX3olAHwDkd1-qk5NyAyy3ALCdOrDrel9zHYXndeqIGuMdqR-WaqUWT4bB6_NGrI5M-2SYsXuH3_b8Ni12QgAUO492Farj7KQ3MrgB70fdbHrj309ETCN3iCQjRq5tEm1jWjeHUYvSNP4yESythBeIufyABookXpaKU4XI9HhrBTEtiFc30AL3u5jUVuXc6guC3NuBKPn8P8438Zbm1Tvfdo9McV3DmSG3tvbqXvV7lGTacqnLM7VYz5_F-nP9TnQf_KylOJyLVyhABkLX4O_ND3sH4fs27HBYbIUvHBB2khWkXaxK-HvtLTOfKjaMuG9bqs5So1lm1CGC35R9yAFRcs_tfYm1mRg0qCqw5y4DXF5gk73YK5iBuxmW7qiK4r0juk_EXqb70W8uAZZAUFNiV9qOlWnDDWY7-XWWrTnUK5KxdsPOCIDc8DwZBMTIwctzlPKuF9JdNHWS1_VV2pBhzZjh7YdntN2dxDWjE5n05EiqMZaHxgrRonUKgdhdjN85fBSEVEGB1IH3sF-yqt7iO_KXYNaVPrhnoBERnPjJrMPk7lJ6T4cFkq7jLDFn8WytrFwFARkpjv3M_oJWelKBL14sIerY-B46YoAWQseRV-ZhRKD6BeWRFw0TMvxstOWCmVLcU8lb_bJrQzHOb64wygyO2CDpJYDzdqcLWQRQf6YAxCLo9v0fWpTADskAu-2v5J56VCg49Uoij-T3oukl3B2TBcjaiYsl_oHKoDW7G2jyWWuF8BxXqDGgjV2QId01v3kk87Adk1cc_ieuX8S0MWPdXUD0EtFpmyFocdKl65Y6hFUCiqWCWCptKQwjqrM5v-f6YgRQClwbkwT_VVgq85q05EOw7JEEiGoaHqaB54%26sai%3DAMfl-YSedwVIxfrtceO_oHNgrG5liERJYJsljBLIUP1GAZh--vnfjMe00KYbdGJ68WWCr_gbP1EX9MMV9uPxq52CD0cPfcU-0Tu0RxeNaeDx9wR-4yuMAKu91S1OzdoSfJSWGQscjsIsW09dz34tJsV2Ba5JeTj6GY4DHO3OnAgSjORIgFCqixcJMGw8J1DIG6w_e5BkKMK-06eTqZ9MaogvwqcpwHKYkqiVjP3XcwJAlm6lfhlzhjdD2uCNhBz-fpEv5PGWx_OAZsiSEh057RQiuAL7L0JuKuPUPrOQCInGvw%26sig%3DCg0ArKJSzIrfnjZME8ViEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fcampaigns%252Finterest-rates-cal%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285989_531078041
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827bbff3bba29b77-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
async_usersync
ib.adnxs.com/ Frame 25AC 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
an-x-request-uuid
ee293e69-d282-4cc5-8084-ca3c23c7c530
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame ED03 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d67afa8d88e748d1aced43262b1ba7837a1ea6a4a9ad3b47e86ac72ea8a0368e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
827bbff41f1b1d9a-FRA
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q%2FZoQywF128ePvg7Mz3TjmnvuYgDFmuELTfMf3Q06z6ZSrnupBofN%2BB7tCHnqOQptcQf2EtjosDUKQJJNSFvfjLo8%2B5VbKuf3kjL1sx98g4qCrE0VCOvuhFNJeuwzQbEJekUiCWMdqa2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
csi
csi.gstatic.com/ Frame A479 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp393xkj&c=4811963659438&slotId=2405981829719&qqid=CKWSlvCXzIIDFcI6BgAdvxwE5g&gqid=FvdXZebYJpeEhcIPq6iTiAk&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=vidvertoplayer&ppv=1.0.0&mrd=4&aab=1&itv=1&ua_e=1&met.4=ghmsh_s.lp393xkl~ff.lp393xw4&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame EE85 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1544223
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
827bbff42a275d5b-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA7E 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7805821863162&version=m202309260101&ct=77&x=1&cor=4499885098868246500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 7EDC 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.229.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-229-145.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e23a9a4ebec8cf196ca464a82659e65878eed5580206c691fc909a4166730caa

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 17 Nov 2023 23:28:23 GMT
etag
W/"0b9d6a11e074654d85c5c606b80f813d9"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame FF7D 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 7DA8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
48e9c07badaf8924e35adf17d4f5615a203332a8a31cb552091831b0594b5965

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
1050
content-type
text/html
date
Fri, 17 Nov 2023 23:28:23 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C6EC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d541f2c703ef021fc304e0b3322135dfa5821bd83c93ed5271b7b8175db457

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
827bbff48b2a5b8c-FRA
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6fBH0oHCxGSf%2BBmJbCPJctmSQYzAp6zmHHXt4BqHZlB7wcYzhJMcdvtGxPVaX23ULSVZUXZrBNIeUTGguFqeT0lEawjEXBGVVO2BC65sB78HkFcqkgLGlN6IyKBi58BFLfbZ19ZUEZCGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9BDD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 23:28:23 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 23:28:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9804 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35454
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
Sat, 18 Nov 2023 09:19:17 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 5B8C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:ba00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
57d091da92eab1bf3d6bf903666645666aa4b8981e536b4afd014373664f4cad

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 23:28:23 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
x-amz-cf-id
6td4vyyOiJL1YjJaw3bdgaG8aJAYtQZc0vVSyUT5l12wP4I8e2J-SA==
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame C0D3 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 17 Nov 2023 23:28:23 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 484A 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9ce23c8b16df4cd7140e799005329ca3329c74daca240528f187f1cf5fed5053

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2555110911558640958
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2555110911558640958
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
an-x-request-uuid
8a2deebd-4c10-4830-a8ee-24830c236081
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=2555110911558640958
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HrIApRZHJOrA5u9dQAW1vBrf
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HrIApRZHJOrA5u9dQAW1vBrf
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:23 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HrIApRZHJOrA5u9dQAW1vBrf
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 6C7B 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 23:28:23 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame 6C7B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8549681619
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8549681619
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
etag
RX606259ae6f514f37813b009fea21eac2003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8549681619
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5133329528853638736
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5133329528853638736
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5133329528853638736
Date
Fri, 17 Nov 2023 23:28:24 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=09d493bf-dc1b-4b5f-b2d6-7b1a767cd2fa
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=09d493bf-dc1b-4b5f-b2d6-7b1a767cd2fa
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-105
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=09d493bf-dc1b-4b5f-b2d6-7b1a767cd2fa
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Fri, 17 Nov 2023 23:28:22 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif
us.shb-sync.com/ Frame 6C7B
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyM...
  • https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DC...
0
0
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 6C7B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-59-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
sync
ads.servenobid.com/ Frame 6C7B
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Nov 2023 23:28:23 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 23:28:23 GMT
casale
match.adsrvr.org/track/cmf/ Frame ED03 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame ED03 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZHVSAFD1MKMDSV8VEPFN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame ED03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBz-QmTDOCwCY0F4_zI8xmo&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBz-QmTDOCwCY0F4_zI8xmo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTAXSgtMoFmf%2FHbf%2BLUyuBo8O%2B1AdyfHhPp9SyiiP%2F6dxzkvHKEKlb9rRfeLFrz%2F6k2UrfSXMdxKzEtM0fjYouzhR7lBikXsciKJUrQXND5mhvo4tml8y6WGYGe9svNvGJ6JySNMpWIsPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff4fb5e5b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBz-QmTDOCwCY0F4_zI8xmo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame ED03
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7ff4a4fdb7b04edb950805117b2b743d
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:3d2:ba14:2ca3:82d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:25 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
Date
Fri, 17 Nov 2023 23:28:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame ED03
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1663336969069035544&gdpr=0&gdpr_consent=
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1663336969069035544&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj38FGGpjpSwv%2FBRgIQ5DyybXntAAHFLVDt5%2Fv9wAPsigO1xQ50jPGeModKGlxsrxtmzHSsAY%2BaW4%2FoO%2Blm7kvEME1B23Jt8OF4vuVt1DvsRvIzlSTH7SqyA%2FWy7%2BRHvAjNF8KH6fhgBsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff50b605b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1663336969069035544&gdpr=0&gdpr_consent=
date
Fri, 17 Nov 2023 23:28:23 GMT
content-length
0
rum
dsum-sec.casalemedia.com/ Frame ED03
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=V5BRCgeSVQlMxwEJWMNJClSWAgRMkVQIBcSpBEbf
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=V5BRCgeSVQlMxwEJWMNJClSWAgRMkVQIBcSpBEbf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FzAlmyxXGHcaTh7SjGkw5NwKwndWvxmUHEHdh%2BgBzbTPq7AireIXet7Lnl9G9DzYAVLH3NVkLsV7nsA8ad9JTbDDrcefir8Y6QSFtN24Rk6%2FJ8%2FNH0K83gQAscNZs64CMKv09s18pH2dA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff4fb595b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=V5BRCgeSVQlMxwEJWMNJClSWAgRMkVQIBcSpBEbf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ED03
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6d467b04-b55a-46f5-96ca-b771ab0d01ab&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6d467b04-b55a-46f5-96ca-b771ab0d01ab&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69t2wxhVy%2FJ24j67YRp%2BAk52bKLyXWVbcznOVjJzeD6L1huvB3CRDLTOsUz8Td%2B%2BgPtFp9du8%2F%2BSKwfZLRTCXYLvVDoFZ%2BOo3RRkMxFUcrPsJvOO4jmUsoXrcBrihPlkn6%2FwQSvqK7aNnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff5bb9a5b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=6d467b04-b55a-46f5-96ca-b771ab0d01ab&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 17 Nov 2023 23:28:23 GMT
server
_
content-length
0
ix
ad4m.at/ad/sim/ Frame ED03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame ED03 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVf3FXv2.3cGhZO-l-xfEwAA%263276
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
70441
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
827bbff66fea2c65-FRA
content-length
43
expires
Sat, 18 Nov 2023 23:28:24 GMT
sync
ads.servenobid.com/ Frame 7DA8 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1663336969069035544&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 7DA8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=278540316111714368&gdpr=0&gdpr_consent=
43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=278540316111714368&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=278540316111714368&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
wt.rqtrk.eu/ Frame 7DA8
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=1663336969069035544&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=1663336969069035544&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
141.95.32.69 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-004.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
4
content-length
43
expires
Fri, 17 Nov 2023 23:28:23 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=1663336969069035544&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 7DA8
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTY2MzMzNjk2OTA2OTAzNTU0NA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGn5MHN08UdJwGoMHGMDihE&gdpr=0&gdpr_consent=&google_cver=1
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGn5MHN08UdJwGoMHGMDihE&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEGn5MHN08UdJwGoMHGMDihE&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
a.audrte.com/ Frame 7DA8
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDM4MU9neU9vdlRROXl5MzhwaVgtT0JTQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGwzODFPZ3lPb3ZUUTl5eTM4...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=278540316111714368&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MD...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=l381OgyOovTQ9yy38piX-OBSA&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=1663336969069035544&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:24 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 17 Nov 2023 23:28:24 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
28292
i6.liadm.com/s/ Frame C6EC
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=db469af76509401aa31d23df13b30040
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:3d2:ba14:2ca3:82d8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:25 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4SjFZfBbwE49FD2FAlq5YYUuk3wDeSRJjaEAXA
Date
Fri, 17 Nov 2023 23:28:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame C6EC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2555110911558640958
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2555110911558640958
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzHePnWwofII5rKOBobYleTqY4bKxIpG%2BnilaW5%2BxSiVK0jUfeXXH0PqyoDXBmBS1h1I18YmaiNrKBQROBEGG%2FRahQpPBp1hlrwzNTG5OvM0YJe0vYEqBTBuZIpCKf%2Fre10IlrpifIDdiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff56b865b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
an-x-request-uuid
9ebfbf6b-2b3f-4404-9cbc-d363d352f20e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2555110911558640958
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C6EC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4684:36f0:2036:f07d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame C6EC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJOU7Kr-4AABUq5wrxPg&expiration=1701473303
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJOU7Kr-4AABUq5wrxPg&expiration=1701473303
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr5qCI0WurRE26w7LjhUg%2BCkwEOnLHXiypzIJqM4oGmBTS60GCjTjzjEdrykcw3usT9gvhmozdXjMq%2FdSS7g1PTkQ1jnjFTfVeUiw8q65Pw59HnAJ6oLbXhH70o90blb908oXBP5vouaFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff57b8e5b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJOU7Kr-4AABUq5wrxPg&expiration=1701473303
Date
Fri, 17 Nov 2023 23:28:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
dcm
s.amazon-adsystem.com/ Frame C6EC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5QK8ZDFGWQNKCEQV77W0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C6EC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&tc=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMA9qKsBUT3mxK7usTCJDE5rt%2Fm6Iza0dJqcQCAnNvcdGFPlJjbeO1Q73rLYrsPNVP7hzGWAual8D2hGkrtFFFvx9uKNSSKrzbObmZUwC2nb5Xtf3mu6N21ROHfDLFDIVMbc%2FH3aFFYCrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff65bf65b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276&tc=1
pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT, Fri, 17 Nov 2023 23:28:24 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame C6EC
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1849801caeaf1601&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI8nXiysNkDAMSKZPiAAAAAAA&expiration=1700350104&is_secure=true
43 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI8nXiysNkDAMSKZPiAAAAAAA&expiration=1700350104&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRyN3PaMTU42linrd7slPCpWQ9zrF21twoaG72R3mFj4lZiNqbu3Dn3IxHS3lZGyxErve8KbCrUTUPB32Oe6j8mJlgNt6Q%2FKiCAla5sCMVWsFV6IRfCCafkjIfFy1109Tdgmt2D8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff678ff1d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI8nXiysNkDAMSKZPiAAAAAAA&expiration=1700350104&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame C6EC
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715988503&external_user_id=80205082-33a9-499d-9ef8-0cdb4853a0b9
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715988503&external_user_id=80205082-33a9-499d-9ef8-0cdb4853a0b9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gidgQxc7QImjY1fcEIn2nI7cvSkNtLaOc90UvJvuapiiJArTaC%2FM6mu2u98slxIAYY3QVRqsL7y376t15%2BG7RcY2WGnKrkmSaayy5ScFoLyLqHDYkbU3%2FAn%2BkQGlDib2F9vLoQWghK%2FcmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827bbff65bf35b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 17 Nov 2023 23:28:23 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1715988503&external_user_id=80205082-33a9-499d-9ef8-0cdb4853a0b9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
sync
ads.servenobid.com/ Frame C6EC 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame C18A 		0
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff50a965d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:23 GMT
server
cloudflare
vary
Accept-Encoding
1663336969069035544
csync.smilewanted.com/set_partner_userid_get/smart/ Frame E49B
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1663336969069035544
0
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1663336969069035544
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff59acd5d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:23 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 17 Nov 2023 23:28:23 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1663336969069035544
usync.js
eus.rubiconproject.com/ Frame 9BDD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 11:35:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43601
Connection
keep-alive
Content-Length
13230
Expires
Sat, 18 Nov 2023 11:35:04 GMT
2555110911558640958
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 07ED
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/2555110911558640958
0
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/2555110911558640958
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff5cada5d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:23 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
580e9d83-b75d-4889-8758-b42a8d5d1960
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/2555110911558640958
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9804 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25372856&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b70c18e8a1eb6de14c2ba38eae2dc4ad3f4a20e93cc755dff7e3cb729a6b0e3a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2555110911558640958
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2555110911558640958
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:23 GMT
an-x-request-uuid
bd1d0d2c-5f64-4ed7-91ef-af8eafd2c6f4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2555110911558640958
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9993c7e3-4203-4b7e-96a3-b0af52773368&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=180ee2e2-52f1-4e64-ba7a-077a439fceed&expires=1&user_group=2&ssp=gumgum2&bsw_param=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=0&gdpr_consent=&us_privacy=
date
Fri, 17 Nov 2023 23:28:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=740e92d0-1d76-44c8-84a0-1e37dd1d188f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=740e92d0-1d76-44c8-84a0-1e37dd1d188f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 17 Nov 2023 23:28:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=740e92d0-1d76-44c8-84a0-1e37dd1d188f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Date
Fri, 17 Nov 2023 23:28:24 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-LLXAjiFE2pfSrvLtphSFqL.fsSnWdgbjAIqd~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-LLXAjiFE2pfSrvLtphSFqL.fsSnWdgbjAIqd~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 17 Nov 2023 23:28:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-LLXAjiFE2pfSrvLtphSFqL.fsSnWdgbjAIqd~A
content-length
0
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=520b46d2-95a0-492a-b34a-5b2340d16ae6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=520b46d2-95a0-492a-b34a-5b2340d16ae6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=520b46d2-95a0-492a-b34a-5b2340d16ae6
Date
Fri, 17 Nov 2023 23:28:24 GMT
Connection
keep-alive
X-CI-RTID
783ff707-73a1-4e58-91bd-0ae473c22d50
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 7EDC 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9993c7e3-4203-4b7e-96a3-b0af52773368&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=pftdwc9ZemmU6IzfwRdv&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=pftdwc9ZemmU6IzfwRdv&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=pftdwc9ZemmU6IzfwRdv&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=mbziMJI6UouZ&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=mbziMJI6UouZ&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=mbziMJI6UouZ&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-8s4wd
expires
-1
usersync
usersync.gumgum.com/ Frame 7EDC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1663336969069035544
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1663336969069035544
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1663336969069035544
date
Fri, 17 Nov 2023 23:28:23 GMT
content-length
0
sync
ads.servenobid.com/ Frame 7EDC 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_9993c7e3-4203-4b7e-96a3-b0af52773368
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
LP393VEY-13-34K2
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 5B1E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP393VEY-13-34K2?gdpr=0
0
428 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP393VEY-13-34K2?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff60b065d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP393VEY-13-34K2?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
content-length
0
khaos.json
token.rubiconproject.com/ Frame 9BDD 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP393VEY-13-34K2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
usersync
rtb.gumgum.com/ Frame 0E7C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=278540316111714368&gdpr=0&gdpr_consent=
35 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=278540316111714368&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.65.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-65-157.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 17 Nov 2023 23:28:24 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=278540316111714368&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame DB67 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85OTkzYzdlMy00MjAzLTRiN2UtOTZhMy1iMGFmNTI3NzMzNjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 23:28:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05FB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35453
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 23:28:24 GMT
expires
Sat, 18 Nov 2023 09:19:17 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame F952 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.605.0&bgai=B4kt6FvdXZaWvKML1mLAPv7mQsA4AAAAAOAG6BRMI5ruU8JfMggMVF0JBAh0r1ASR&bg=!urmlufbNAAZxrfrxUa07ADQBe5WfOEA7_D_4BsaizCdeWXGF92zf611gXvX-ZcUOoOw6XkgQDeIK6Aicpr-FJvHjC5BeAgAAAUtSAAAAA2gBBwoBR70tAESIUu4lr-hYRHOSOULDGijPilZYydhXHQkC-Q5mlTkmgcHuROJ8Dmk-bIHLl9zim2w2KKMv6qGUkM-Z2sEtVjVCq7uZvfpj6yXZPhha6y97mkMuG-D481pb0q0YTKCKsx-WWUHaRqA_Lm5cMyWNDvH3DWnWxC-Arfllk8P2MT1UoWg4W512OkKUHja2ildPq2JvKlM7qyfZzJ7sts8AvkRxhVJIrDLccs3R7djG42ya5T-ThXR1JFw33iPvblkWZvnJ91dTRh0O2tdYtMTR5BqALjFWLXSO1697_l88KfmOfnlCkfsVf-PNuRVjj247jGBtaWFPVRaLacfDV0n6bAKGaFrllWtkz-m1qmbcGzkmqvUr6qp6tGSTjUPE9zfeWBt5A_ki_D51T2zPk_zitGhys1-RoJPQD_WYhbAUiOCgdkSb8JkCOdftVec0y2u4BRMA85fCroq0KF6G6B08T4sHyr6qZRhhlXkMJRrZ9T41VHUd5LJ8Jb33cRXkwtemWV9lUqMi0R66m1MVpr75EVl7vdfVdHvMprBEwBtm0FtgLdcsmRfTo5zTjioUw16rbC9nFTrfFOg8axCzLhlwR_MGJJZmSk5o_N1R0BKtE5fsBdptCjXHZmdSYRYZtEHZZ9l0ZTgpY7Zd8sdyn6K31NxCB42J2zLvEWr0F7_-dkG40x6y-AmezddEVu9YGbeaxOiXXOW1JSlBKtR3NG6K2mpSAJJ2TdvuVhQlgkYTkhv8UDpm-yb09I1PJgyLUz6nqlCMtE_WQ1_y0kdyC6JD2nHa_jeJx3LnMbxul22wwz6BDga-K8QaQL-2Jgo2bL8w6h57UjJdrBcnX7MYQ55jMArUJwPDJiuaV33af3dZ_SDQ8Y9eWCq1lGzz5Ejy6uisrcOvjTtsv8AIVnpLrSVE2qu-NLJV8IdhRSx3T8fI0Lb76SuoM3UKnH3YrysMw8hPhgkCXlrWNB34-IJyEmX9TovHrjc7PjhhhZmZBLeryRSoi-uyeOAuIOBHzxVt3LkECOLuTT2KKz74aK5z7C_A3DXAfYy14nQ3Ms4yCTX2WrYXHW9IwjixhJ_d0-iKZZPRuzQu4DhiX04-2fyTBi_eKmUxD4efvRIb0k__ufOyjH7OR3VHQtExLnvuo07TevcGPDbTwhRkYQwsa8YSo_tC8IOr9hco4h_FbHEtmyd_xaQT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8797 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:24 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 4424
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVf3GMCo8YMAANWxhqEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVf3GMCo8YMAANWxhqEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 23:28:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 23:28:24 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVf3GMCo8YMAANWxhqEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad437.dc4p.scaleout.jp
X-SO-IP
195.206.105.131
X-SO-Key
ZVf3GMCo8YMAANWxhqEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"195.206.105.131","key":"ZVf3GMCo8YMAANWxhqEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad437"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad437
usersync
usersync.gumgum.com/ Frame F619
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 23:28:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 17 Nov 2023 23:28:24 GMT Fri, 17 Nov 2023 23:28:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 7CD3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 23:28:24 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BC54 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35453
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 23:28:24 GMT
expires
Sat, 18 Nov 2023 09:19:17 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 9BDD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP393VEY-13-34K2
  • https://ads.servenobid.com/sync?pid=323&uid=LP393VEY-13-34K2
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LP393VEY-13-34K2
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LP393VEY-13-34K2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
apn
ads.playground.xyz/usersync/ Frame 5B8C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
634dd48d-5629-440f-a8b4-3d55059dcb20

Redirect headers

location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
date
Fri, 17 Nov 2023 23:28:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
176
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 5B8C
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3909430889404006262820
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3909430889404006262820
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2449:ba00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS58-P6
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
V7srZFczF9WGnzreVNBJhQUR1Iq5dqPmpcr9jGpMDUh7AIFABGNuug==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3909430889404006262820
date
Fri, 17 Nov 2023 23:28:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 5B8C
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=d4b8c92f0e499d543086eb32635e6a2a
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=d4b8c92f0e499d543086eb32635e6a2a
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2449:ba00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS58-P6
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
qNjJhGvMiPCK8bJ-bx0HQwgBZ9fSv3y8R1KlX9GB1TtUpKC9jLHuAw==

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=d4b8c92f0e499d543086eb32635e6a2a
x-kong-upstream-latency
2
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
pixel
ap.lijit.com/ Frame 5B8C 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 23:28:24 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 5B8C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2449:ba00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS58-P6
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
2L8D-mplS1IXpwNSdCP93mXRZVAVux27CMXf5HNrqpjhpdCsncdqUw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 5B8C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a6ad4a4-4af1-43ca-9b43-172d554e932c
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a6ad4a4-4af1-43ca-9b43-172d554e932c
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2449:ba00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS58-P6
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
lt3nLjMsxvC-eXdXfyOTTEWwNgCQ1myDZOniDN7-krXIT0HOF1uwZQ==

Redirect headers

date
Fri, 17 Nov 2023 23:28:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1a6ad4a4-4af1-43ca-9b43-172d554e932c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 5B8C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2449:ba00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS58-P6
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
JpVewo8yAFwLyLngqGMpBymEnNyYZ4TfG-nXy7S8ACPG8H1yTCk4Qg==

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BG4CXJ6ysmJLE0GdbE17Edew9PmZx4aTXmUQMNt2TRuwQWfAah05wtMPTfWWdU%2FDaw4LcDrLvDK0sxO7%2FFT86HD4RrCjPgli2XVrLAm524ryWPTS9bbOxfuHOVZpiQ277%2BCvRkQSJ6Zsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVf3FXv2.3cGhZO-l-xfEwAA%263276
cache-control
no-cache
cf-ray
827bbff65bf15b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 5B8C 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=pxdH85--kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2268578495133496&bg=!SkmlSQbNAAZxrfrxUa07ADQBe5WfOBoMjKuNmjcpiNppryOClhL1HUe-UvG6SJ3IF1-yQNu6pm_DPyNVztEGcfhL6qEWAgAAAKNSAAAAB2gBBwoAud2WcOisL9pxZjE-EUOG0N38ymzma8_7odGR4whswN6V7JzaH2adzvV1CaFZumjHej4HPcmnoGD3YwzBAj4ld6x6RZeeN1_kcS9NJWT4bzOkcEw4f9LK9pWhcn7q3BS6Vw87v9hLtbqsp3bbJx3CSo_ILPUBoxkBn9jpyKiVUIsqKt8PS67Irvn5SzuW7Tj1YCkI4H40jI0BWp9SA1Zbl4BOlp701h3eW-jXDqG29Jdy1UoI0u0BT-UpmQK6EbYHpYlW8iyBDEI4Zl-jhYqD2_iwDOVrSpB3oj3-48rbvUW6YjMNWaFFpJn2EPz0uXH4wymLIaaUzwGKglpuEeP4Y5BVvFVCT5GSDj5H4th7cXrwzBSn5SCcfyphrYFq-yaxc60tDDYibXHJ3QFYnGscyTWVj7CstwYu88eMYE8jhkVaewa8YMuM9wMdboKZrloIarXvTuo1UoVRCmpqjYLO3CUzfeKlQNrwBMksjwzdWWWZL9tWXE57cwrtfMojVYSX8QS-5-aC7NrDzym0CLd2JjP6w7wVJLW1kd0JCPldfG3LW6RxrN7ZPgJ5QercbDIkbic6r5fiQk7wHmKFQn75MILlQrwXAv8WD2_aHgIQs5wOaFY-RXmTAo7Y2C-MUNsuOFuqCAIcXDV7S1nQTo_5Mk4PD-qv3lK1DsJ0q2fuN5_M4EUXzvaqVkIxF5FyeQrX8Xw-YpSq0neY-zAGgcqHDPOBZHABmw1UDG1PzJIYyP0gAxPvgl4KegiF-VW5xkTtpnCAXSKabzJp-DrICFOiOo8x6L3NPkyy4xqSWpBPK29dldEvGtXUptKjXvJxalQrIPFgLU8XYGwI6rxV-M_VeWbNrs4SNuifiJzMxYQlXqHs0MDUGOXi6jndtoudGZ4tWjjrkvZGsumC_kwvqiXJsiQA0UkJ9akKIm-fIOJn6QVxE1JGqRcAYLJ7wfY8U1hh2JgEAXZAg9-8cnRiYjsGZj0d-TwuKhn5G0NqIag5oy0YjtiImZbs3nYo_0WlTB6Ad79K2TU7S0MrIxgbzvRF-j8q1pJ2O3ANuV3HGuPaNaeFLagDbdz-Qrrupsiq3Tx7FkSkqKJKCqzNmY1DEXJ3F9DPphTU-qUlv4eQziTVqkNHT7nt9mj8V9saqrBJ62hhltetzMibOjuyF9GoGxZms8A2spxHryM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6c6cefa7-471d-4687-925e-86eeb9775ac0&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 5BA7
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/6c6cefa7-471d-4687-925e-86eeb9775ac0&partner_id=1010
0
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/6c6cefa7-471d-4687-925e-86eeb9775ac0&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff82c205d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/6c6cefa7-471d-4687-925e-86eeb9775ac0&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync.js
eus.rubiconproject.com/ Frame 7CD3 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 11:35:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43600
Connection
keep-alive
Content-Length
13230
Expires
Sat, 18 Nov 2023 11:35:04 GMT
2679f436-0506-4200-a5ae-c9366bf1b1bb
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 8B4D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/2679f436-0506-4200-a5ae-c9366bf1b1bb
0
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/2679f436-0506-4200-a5ae-c9366bf1b1bb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff72ba25d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/2679f436-0506-4200-a5ae-c9366bf1b1bb
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lp393xn8&c=4811963659438&slotId=2405981829719&met.4=hvd_lc.lp393xn7~hvd_ad.lp393xn7~hvd_mad.lp393xn7~hvd_admu.lp393xn7~hvd_src.lp393xn7
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ Frame A27C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 23:28:24 GMT
X-Sovrn-Pod
ad_ap5ams1
v1
match.sharethrough.com/universal/ Frame 484A 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.59.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-59-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
cs
cs.yellowblue.io/ Frame 484A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=1d1dd33f8844fbe76c1295526242d9&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=1d1dd33f8844fbe76c1295526242d9&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.210.50.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-50-120.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=1d1dd33f8844fbe76c1295526242d9&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700263704365012-421
apn
ads.playground.xyz/usersync/ Frame 484A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
6fd1a800-b6f1-4376-bd4c-ca2f536f4b98

Redirect headers

location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
date
Fri, 17 Nov 2023 23:28:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
176
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 484A 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=ysdT58-zCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
img
sync.mathtag.com/sync/ Frame 3521 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x11 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 23:28:24 GMT
Expires
Fri, 17 Nov 2023 23:28:23 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x11 config_version:"3168"
cs
cs-server-s2s.yellowblue.io/ Frame 336F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2554 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 23:28:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SNM3TZ1C23FGVPZBD3HE
cs
cs-server-s2s.yellowblue.io/ Frame 10F0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sbDS0uGy1tGq54LRvuPK0rK2gdyqsdfQ4-RP1JaP
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:23 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-server-s2s.yellowblue.io/ Frame 55B2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2555110911558640958&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-server-s2s.yellowblue.io/ Frame 34E2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302576998970161295&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 43AA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1S6dFtTSV3lGVnbORI-b58POaYM&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 23:28:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 23:28:23 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 3B47
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cf43bc52-dcf0-4efe-82a4-8f5ea5795863&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=32b3944a-ca0f-4e78-b1df-783499744432&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 23:28:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame C3C9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESk9VN0tyLTRBQUJVcTV3cnhQZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADJOU7Kr-4AABUq5wrxPg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1663336969069035544&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADJOU7Kr-4AABUq5wrxPg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1663336969069035544%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1663336969069035544&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADJOU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADJOU7Kr-4AABUq5wrxPg&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 23:28:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 95FD
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5c5f19e9c1f04c399048777a127ea838
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5c5f19e9c1f04c399048777a127ea838
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 23:28:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU5c5f19e9c1f04c399048777a127ea838
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 38E6
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 0D9B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVf3GAAAbXMyrQBU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 17 Nov 2023 23:28:24 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230045-FRA
x-timer
S1700263704.428835,VS0,VE94

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVf3GAAAbXMyrQBU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230045-FRA
x-timer
S1700263704.310884,VS0,VE92
bridge
cm.adgrx.com/ Frame 546E 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:24 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
cs
cs-server-s2s.yellowblue.io/ Frame 5F68
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
x-envoy-upstream-service-time
3

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame A5D9 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame B5F1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4180569872145925036
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4180569872145925036
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 23:28:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4180569872145925036
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cs
cs-server-s2s.yellowblue.io/ Frame AE60
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329528853638736
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 23:28:23 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesync
core.iprom.net/ Frame 1301 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 23:28:24 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-a1ea68c74fe9@version_1.576
X-core-time
1ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame A9C0 		0
0
sync
ads.servenobid.com/ Frame 7717 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 23:28:24 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9804
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=K6m2ugtWQX-Nev5wRbwdmQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-244-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=35453
accept-ranges
bytes
content-length
5622
expires
Sat, 18 Nov 2023 09:19:17 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 9804
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.215.24.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-24-0.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.64
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.13.44
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 9804
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=374908773
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=374908773
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 google
last-modified
Fri, 17 Nov 2023 23:28:24 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
via
1.1 google
last-modified
Fri, 17 Nov 2023 23:28:24 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=374908773
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 9804
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=278540316111714368&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
34.246.239.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-239-231.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 23:28:24 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 17 Nov 2023 23:28:24 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
cs
cs-server-s2s.yellowblue.io/ Frame 9804
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkJBOUI2QkEtMEI1Ni00MTdGLThEN0EtRkU3MDQ1QkMxRDk5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
date
Fri, 17 Nov 2023 23:28:22 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 9804
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ3DhzoPqLzMm-1bvI5zdtc&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
pubmatic
um.simpli.fi/ Frame 9804 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 16 Nov 2023 23:28:24 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 9804
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=278540316111714368
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
date
Fri, 17 Nov 2023 23:28:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 9804 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 9804
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-20RtAmVE2uXiUuaxlKIO9vKad4aURXs-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-20RtAmVE2uXiUuaxlKIO9vKad4aURXs-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-20RtAmVE2uXiUuaxlKIO9vKad4aURXs-~A&gdpr=0
date
Fri, 17 Nov 2023 23:28:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9804 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:4684:36f0:2036:f07d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ Frame 9804
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4e4df382-450d-4665-bb20-69a5144f6041-6557f718-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 17 Nov 2023 23:28:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-server-s2s.yellowblue.io/ Frame 9804
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ff94fd1cb4b192f&is_secure=true&networkId=17100&version=1&nuid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIEe3SDt8pmwN5mCDEAAAAAAA&expiration=1700350104&nuid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
date
Fri, 17 Nov 2023 23:28:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 9804
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2929884510537599797&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
date
Fri, 17 Nov 2023 23:28:24 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 9804
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c9bda919-a080-4efb-b4db-b3c9a9196e15&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:24 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
date
Fri, 17 Nov 2023 23:28:23 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
khaos.json
token.rubiconproject.com/ Frame 7CD3 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP393VEY-13-34K2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Expires
0
278540316111714368
csync.smilewanted.com/set_partner_userid_get/adform/ Frame CD17
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/278540316111714368
0
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/278540316111714368
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff8dca65d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 17 Nov 2023 23:28:24 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/278540316111714368
server
nginx
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 8619
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff8ac855d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Nov 2023 23:28:24 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame 7CD3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP393VEY-13-34K2
  • https://usersync.gumgum.com/usersync?b=mag&i=LP393VEY-13-34K2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LP393VEY-13-34K2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 23:28:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LP393VEY-13-34K2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 21F8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE?pi=smilewanted
0
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bbff83c2d5d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 17 Nov 2023 23:28:24 GMT Fri, 17 Nov 2023 23:28:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/NsMRezb_IAl1QO1xqjwZKBnkDFpY9ciBvWAHMUJgAcE?pi=smilewanted
pragma
no-cache
async_usersync
ib.adnxs.com/ Frame 25AC 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:24 GMT
an-x-request-uuid
8604db7d-81f4-4cca-bb36-08a36a052489
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700263705959&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1573&pt=-87615671&tz=60&viewable=true&ddast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
24cfd91c2dbb9697d0a7e6c9dac0dcf093f1cf8dc33dc59c93d52057d639368f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:25 GMT
content-encoding
gzip
server
nginx
machineid
1464
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9804 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700263698186&gcd=11l1l1l1l1&dma=0&cid=1983550272.1700263699&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700263701&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html&dt=%E3%80%8A%E6%95%A2%E9%81%94%E6%B1%BA%E6%88%B0%E3%80%8B2.0%E7%89%88%E6%9C%AC%E5%85%88%E9%8B%92%E6%B8%AC%E8%A9%A6%E6%AD%A3%E5%BC%8F%E9%96%8B%E5%95%93%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=6&tfd=10048
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=13726&tvi48=-48&tvi50=13923&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
74
date
Fri, 17 Nov 2023 23:28:26 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
69032
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1700263707.760050,VS0,VE74
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9804 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82969780&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1141e162fc30386672f3a11a2488bf3747c19d48fb6d4a92be2a68069b153b0f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 23:28:25 GMT
content-length
1582
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 05FB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80077821&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1141e162fc30386672f3a11a2488bf3747c19d48fb6d4a92be2a68069b153b0f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 23:28:25 GMT
content-length
1582
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame E2DA 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 4251 		0
0
i.match
s.tribalfusion.com/z/ Frame EE76
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
827bc00b7c9203e0-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 23:28:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
827bc00a2b1003e0-FRA
content-type
text/html
date
Fri, 17 Nov 2023 23:28:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
357
ImgSync
image8.pubmatic.com/AdServer/ Frame 2448
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=12651161410d7ddf/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=312159bcbe2c79d262bab24aefc73d7e&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbXUVbbUbWbaQTQQM&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 23:28:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 23:28:27 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pub
matching.truffle.bid/sync/ Frame C0E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 17 Nov 2023 23:28:27 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
ImgSync
image8.pubmatic.com/AdServer/ Frame 3422
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8137914E08E64EA796299417CD1DED1B&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 23:28:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 23:28:26 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 079E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7307421453
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7307421453
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:27 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 17 Nov 2023 23:28:27 GMT
etag
RX606259ae6f514f37813b009fea21eac2003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7307421453
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame F5FE 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.140.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-140-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 23:28:27 GMT
mw
mwzeom.zeotap.com/ Frame 9804 		95 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
827bc00a0fe01c44-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 9804
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:30 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:30 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9804
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:27 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame BC54 		47 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3866728&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 23:28:26 GMT
content-length
47
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 05FB 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
827bc00a0fe21c44-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 05FB
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:30 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:30 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
52799
stags.bluekai.com/site/ Frame 05FB
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9dcb3bec47f4b368/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=312159bcbe2c79d262bab24aefc73d7e&gdpr=0
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=fae89c839ea76a6b
62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/52799?id=fae89c839ea76a6b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 17 Nov 2023 23:28:27 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=fae89c839ea76a6b
content-length
0
match
c1.adform.net/serving/cookie/ Frame 691E 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 5B49 		0
0
i.match
s.tribalfusion.com/z/ Frame 4652
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
399 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
827bc00b7c9503e0-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 23:28:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
827bc00a2b1103e0-FRA
content-type
text/html
date
Fri, 17 Nov 2023 23:28:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
533
ImgSync
image8.pubmatic.com/AdServer/ Frame 4B3F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=312159bcbe2c79d262bab24aefc73d7e&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRQjhYhnjWTMWhYUS&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 23:28:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 23:28:27 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pub
matching.truffle.bid/sync/ Frame 3CF3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 17 Nov 2023 23:28:27 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
ImgSync
image8.pubmatic.com/AdServer/ Frame 4385
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8137914E08E64EA796299417CD1DED1B&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 23:28:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 23:28:26 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame CB27
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3840952888
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3840952888
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 17 Nov 2023 23:28:27 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 17 Nov 2023 23:28:27 GMT
etag
RX606259ae6f514f37813b009fea21eac2003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3840952888
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
usersync
usersync.gumgum.com/ Frame D85D 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 23:28:27 GMT
Expires
0
Pragma
no-cache
8e53dab68811d23b93d9b8ac7da4efa8.jpg
static.bg3.co/imgs/202107/ 		0
0
2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 7D97 		0
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bc009fe6f5d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:27 GMT
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 9409 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 23:28:27 GMT
Expires
0
Pragma
no-cache
2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 7FDE 		0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
827bc00a8efc5d5b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 23:28:27 GMT
server
cloudflare
vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame A479 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CuYnbFvdXZaWvKML1mLAPv7mQsA6vlaOidM-f9ouiEqyTxti0CRABIIDP1Hxg9ZXOgeAEoAHPmY3MAcgBBakCuIrAXBbKST7gAgCoAwGYBACqBMoDT9CypngpIiAzo3oqWstXBeeP4Ofw2BXhh-lugZmq2ax8g9pjXYLp52ush9pGKMlxxrqtQ-oWS9OT-SR77-u2hLL8asPMoWmioqq5S2ij0qgolPFEufB75bklcbGRbPSz2U1HEaw5gPTggOo-ypvTgL_HhpDFRyJdmcXqn4MyvrS8q4DzBo_GVL2zAh9HAMYLZkzR1op2X6h7zgChxhTgCcTw2SRaBjEBOIvVP61EFfO0WmFl2qYzPG12LX1JesFdcoMixjiK1xsqGJQTgP3QxAQNCYkJKpNOJmES2JUmMygCDIoUvKbwVGyHUoCAfL_0Th9Hxnluvug5pxcwDM-wAP9jTq5alMDO-pD6oWpp1TJrN2i-sUY6qmEBpyJ1PlbPr0weyUQJpktacoQlYMrlSbuKnrlOpMm_z2xStxGXejL-vjgf5KmVZLNzDHh9W7E_mV32ecJyFJDb-dN6Oq9yMEMkgwo1DsH8n2lJ8BQRH_30oVasJBjICqIkU9LcJNpb7E_5XiyUhnGnshUfT0o86zE9FS5d1QMT4XQpwK6XNsuwTDxREYMGNopG0VRWQTycd04dorbgaYnkbqvszy2pybUQ_Q6wRcdlMQHABNKG_r6yBOAEAYgFyfm9uE2gBlSAB5nm8rMCqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0jiDRMItpWV8JfMggMVwjoGAB2_HATm2BMC0BUBmBYB-BYBgBcB&sigh=64IbZrFhrhQ&cmd=Ch1jYS12aWRlby1wdWItMTI5MDk5NTkwMTkwNTU4OBAAGAI&label=video_skip_shown&ad_mt=5098
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:28 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1700263708952&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1573&pt=-87615671&tz=60&viewable=true&ddast=V8vJwCLAbUW0BpuoeoshOot4DSdA9RZS8AAABgYID-AEnObL6RYWNxi3YL31q0mM3WwplnspaZJiPPaLAbLWabISDBlW1hMbmGa5VptVmLBpvBWjlYWNyqjc23nM0cw9lgMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZWaDodPte9Xvf73SU-z1zj9yv8OofdLXK4pa6XW3p02N2StWDisLslLrtb-HTY3TKX3efWuNyao9MtPbrsPrfm6HRrHU634mkXmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmUMDOwxil8fosrxMp5c_AAA8FIAAABDAIAGAgH5YAiDGeO8EAAAAAAAAAACL_____xgD-JV9MggG1mt6ADz4AHggUiBahBEAAACAYee0wSOTdIKKRRUAAIJ0KwBXAAACFr87R07CAAAACIxZoIfF7zc77Bq_22UAAAAAAAAAAMz8n_lHI5TjSpEGaLzwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUCYnYAAAAA7vz____rAbGVbeYabUa-1Wi3m61cE49j5bHZVpPVaDkaOSfbg18qIW6DoS7cZ0NYZr_voKCcnh6zyyBjuUwG8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BHA5QBMxWC4nk8VktxqtRpvhbjQbLJBADCaIokWDyWo0miwmw9VospotF7vdBlG0ajUbbQbD1Wwy2-1Ww8FwORqhCVuMVpPJZjmcLReTwXA0HI2GCKZmM9dsNdqsZb7RZi2a2WxriXEyWissvt1iuXC5LMvhWvT6mD6uxW7jnGyRYADXXgQX6UTwMLsdppdb4vNs_BaxRHOySCeyy762ss1co83ItxrtdrOVa-JxrDw222qyGi1HI-dk35rNXLPVaLOW-UabtWhms60lxslorbD4dovlwuWyLIdr0etj-rgWu41zsm_sBoPJbDNbDveN3WAwmW1my-G-Q2f4rj5no7Ksknx8foc5aD7XnAaFy2DxvtSn87BgLKjPnqPTpp1eCzqj3-_3-_1-v9_v9xu0noPZoPA9D3_h9LE8l8PZ6EFsMChiieB0kU5EL-PpIpZInhbpRDRcWBaL0cI5WdicC9tmORzNRg6PyeYaDQeblWsilihNF-lEr_DrHHa3yOGWul5u6dFhd0vWgonD7pa47G7h02F3y1x2n1vjcmuOTrf06LL73Jqj0611ON2Kp11oepst6j96iOVqLhnM5orBaq7YLFYJAAAAAAAAAMASTDPdBAAAAMDJoIab4WK1XAAXQVm6gE0AAAAAAACKNfZYAzzMbofp5Zb4PBu_lQFIMOcx28wzglir1bIGAAAggA0AACCAm268CViJ5OwDwnrgQqkXfuRXEJvlZLN_ACrEWq2WzxdrtVoC_____wE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 23:28:28 GMT
content-encoding
gzip
server
nginx
machineid
1452
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 9804 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 05FB 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:28:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/48c0807d9a2e6bef716655ccace4d7eb.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/16bba131d6e149e27697afb2d421b4dc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e0895f7cdaa1a66e40fd964869890c9d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/fd22dbe7c94fc7e1c2d06a15ef4d2072.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ba69c029a6049e821a45da5e8aee1274.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d0e89ce3120427c749974a15bbe8deca.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c719679c3270cad9f27bc5a5e729ca28.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202010/3d71ad34ba56dfd6127c32d1e71c51bf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202010/74c977c2f3de92985dec876b8398ca81.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202011/c13ad7e7af494ab6c7e1bc5d3e412ea0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/04bd565cee9337d9c1d8c24f8fe1ee08.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/58304054c4a68c51f4e77cf1379af18a.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/12983d323b5fdfee60dc54bf292bf00a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d7ac9772fb683093975f986a6c80eb69.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/8f0b39b49857a64a25a86eeec97cbd90.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/ba19093f6b9cb2df1acd994d7848294a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/039e313ead082743e918ac3b4f632158.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/713f2629c280e8f3218e262daf8f006e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2d4cb66182285ee99885dffade890deb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/54366f32bf3073534ad0992501c6934d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a4e8b02f879e3ab653f7c04b2925c661.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/2ca597252fe04185cbfc71f7c9ed0e49.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/327d96457ddbcc3cd92f314514f7b658.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ad3a03ec27396fe5e8da35faffd4020b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/ea0cb1da103638eb9640da79b81bd0f5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/c9123cdb9f8a818bb34490dc415536e8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9e76db7a3f418121d8300d55c7e94356.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/9f07ebc1381536e6833290e0b43de2b5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/752caee10314d093df6d6fb8d14816b4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5a5b759da5b3c06744405a920d82672a.jpg?w=150&h=100&q=100
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Domain
us.shb-sync.com
URL
https://us.shb-sync.com/409e9d20-7266-4e54-9c40-4c5c2374fcfe.gif?puid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D31%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYfOAI=%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/8e53dab68811d23b93d9b8ac7da4efa8.jpg

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP function| _statcounter object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| adRecover function| _typeof object| TRC object| _tblConsole undefined| msg undefined| google_measure_js_timing number| google_unique_id function| $ undefined| jQuery function| jqAlias function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| aries object| ucf object| request string| paramsString function| setImmediate function| clearImmediate number| vidverto object| regeneratorRuntime object| aries_registry string| nam object| placementData string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| google_reactive_ads_global_state function| inView object| _qevents function| IMA function| VASTClient object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| _aries object| inViewWindow object| Criteo object| cmTag function| quantserve function| __qc object| ezt object| _qoptions object| vidvertoPromiseCache object| closure_lm_242153 object| _cm_wfCounters string| lastWfUrl object| google_ad_modifications object| google_prev_clients function| VidvertoPlayerVideoPlaylistUI boolean| noPreviewPage object| closure_lm_575819 object| closure_lm_434818 function| Zepto object| Backbone function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms object| google_image_requests

204 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDCFgoJCP____8HEMwW
i6.liadm.com/s Name: _li_ss
Value: CgA
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1700263698.2482108486E24F3DFEB922664C45DF59.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1700263698.0
.statcounter.com/ Name: is_visitor_unique
Value: 1700263698378261901
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1700263698.1.0.1700263698.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1983550272.1700263699
.bg3.co/ Name: __gads
Value: ID=67ba635910e4b7f5:T=1700263698:RT=1700263698:S=ALNI_MYfdLeeGEUs_u4xhLyM1aaGhlYZ8A
.bg3.co/ Name: __gpi
Value: UID=00000ccb78c79d18:T=1700263698:RT=1700263698:S=ALNI_Ma9K7e3u3n3MVNni0SLNgfeVAFKew
.doubleclick.net/ Name: IDE
Value: AHWqTUnQasw7iVV1Fm_JQIZPtrHkKNbyUDD6x6uCpYmnHyrdS1ptR0Jwj7JYIeg99Xs
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D56f56543-f743-4ff6-b824-ab7719aee298-tuctc517c92
ad.vidverto.io/ Name: moxuuid
Value: 3e6dc184-c3ac-42f1-802e-bca5e8773876
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1700350099
ad.vidverto.io/ Name: _mwayss_imp[24632][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[24632][frequencyPeriodEnd]
Value: 1700350099
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][frequencyPeriodEnd]
Value: 1700350099
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1700350099
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1700350099
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1700350099
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1700350099
.aralego.com/ Name: sspid
Value: 445288e1-466d-32e1-9eb0-39836b99d2f4
www.bg3.co/ Name: __AP_SESSION__
Value: 3a7ecf9f-0e9d-45e5-bcce-3703cd3045e2
a4p.adpartner.pro/ Name: apuid
Value: 8409e5b5-cc54-4059-b7b1-b1c4a5d37885
.bidswitch.net/ Name: tuuid
Value: 32b3944a-ca0f-4e78-b1df-783499744432
.bidswitch.net/ Name: c
Value: 1700263699
.bidswitch.net/ Name: tuuid_lu
Value: 1700263699
ad.vidverto.io/ Name: adpartner
Value: 8409e5b5-cc54-4059-b7b1-b1c4a5d37885
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 394f553e-024d-41f2-b55e-d68bc3933ee8
.aralego.com/ Name: euconsent-v2
Value:
.admixer.net/ Name: am-uid
Value: bc2473bf4ea441ce82d13f35d461d5b2
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: d4b8c92f0e499d543086eb32635e6a2a
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 615553=5721088
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 1663336969069035544
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0&c=1&l=635210033&lo=90626159&lt=638358605001587548&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0
.prebid.a-mo.net/ Name: __amc
Value: 2_1700263700_1700263700
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: a0df3644-2173-5242-8391-f687e6c60193
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZVf3FAAEp2gbkt7eI1ZTaRObOnGN6ZYpqaDPPQ==
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.teads.tv/ Name: tt_viewer
Value: 560c146e-b98d-47ee-bf56-346e73ac47c7
.rubiconproject.com/ Name: khaos
Value: LP393VEY-13-34K2
.quantserve.com/ Name: mc
Value: 6557f714-be49f-753f9-405da
.bg3.co/ Name: __qca
Value: P0-1240432547-1700263700180
.yahoo.com/ Name: A3
Value: d=AQABBBX3V2UCEIincDBHz3STFq5WkJpc-g0FEgEBAQFIWWVhZQAAAAAA_eMAAA&S=AQAAArQbgDcZHoOnctsOiX_e00g
.bidr.io/ Name: bito
Value: AADJOU7Kr-4AABUq5wrxPg
.bidr.io/ Name: bitoIsSecure
Value: ok
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: ZVf3FXv2.3cGhZO-l-xfEwAA
.casalemedia.com/ Name: CMPS
Value: 3276
.casalemedia.com/ Name: CMPRO
Value: 3276
.connatix.com/ Name: cnx_userId
Value: 471a3c1572e54036b291ec0cddff6587
.linkedin.com/ Name: bcookie
Value: "v=2&c04a1832-e445-4e4f-89f9-e3b1d6a100ab"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDAyNjM3MDE7MjswMjH52N9Z0bSIFx/e8d2fnhh1yl2Nqu9QNjubqtqWuH5tLA==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2880:u=1:x=1:i=1700263701:t=1700350101:v=2:sig=AQH1MMI3V-o6at96DajXn6IbhWAR5ElS"
.tapad.com/ Name: TapAd_TS
Value: 1700263701540
.tapad.com/ Name: TapAd_DID
Value: 75071158-6d63-4a09-abb1-a080db3a01ba
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQMzkzVkVZLTEzLTM0SzIiLCJleHBpcmVzIjoiMjAyNC0wMi0xNVQyMzoyODoyMVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0xN1QyMzoyODoyMVoifQ==
.primis.tech/ Name: csuuid
Value: 6557f7158bff0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.amazon-adsystem.com/ Name: ad-id
Value: A0rDOGbmNEofnEVjO8iL2es
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1700263701.1.0.1700263701.0.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
.openx.net/ Name: i
Value: 509f09f9-9ce4-4369-b90d-c632716a2a34|1700263701
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2GVQhQop/!]tbPl1M>e)ZlrFUfJ+tGXxoDIi6NTZ/Q/W@/TezD:CWhDXaNJ^NE^6uO.Yp3If)y3M7g`[!h4>%5A[CB<n>0:i>r4qTh:?+t>$@3nXm/!7]S%+ztxA
.adnxs.com/ Name: uuid2
Value: 2555110911558640958
.simpli.fi/ Name: suid
Value: 8137914E08E64EA796299417CD1DED1B
.acuityplatform.com/ Name: auid
Value: 853567152842
.adform.net/ Name: C
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 6ff2b03ff30448c0
.w55c.net/ Name: wfivefivec
Value: P4P5e6IZ1R48g55
.www.bg3.co/ Name: _im_vid
Value: 01HFFSTBG91G3Q4BEM73RZDKHT
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 278540316111714368
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXdzUwCwmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV3c1MAsI90aGlyZFBhcnR5VXNlcklkWkNBRVNFSnQ0UXBiUWkxY291OWp5RV9MX0t4Tfv7hnZlcnNpb27C+w=="
.zemanta.com/ Name: zuid
Value: pftdwc9ZemmU6IzfwRdv
.criteo.com/ Name: uid
Value: bfb39b45-6ef5-443b-8699-7e4fbe63cd10
.bg3.co/ Name: cto_bundle
Value: G5RAMV9Hbzl5MVhpbWYwUWEzZkVhemtUOEg1cSUyRmJIVmx0cXhwaSUyQnVxVXZHMVlqaTA4Qm1FSGxlYSUyQkolMkZGMlZTUjNYQ01EbHg0N0xlNHJRZXQ4WWYlMkI4Rk9kakxvd1phbUVvdUhJSkMwZno2RzRiaiUyRjhwdTFxZEJ3YmtWM1M4SDRzRndHQVNrayUyQlklMkJOUWI2YlJ1dVBQRENFT3NBJTNEJTNE
.openx.net/ Name: pd
Value: v2|1700263703|gen0vNvQiygu
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-17T23%3A28%3A23%22%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7302576998970161295
.turn.com/ Name: uid
Value: 2929884510537599797
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-606259ae-6f51-4f37-813b-009fea21eac2-003%22%7D
.servenobid.com/ Name: pid_339
Value: y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
.servenobid.com/ Name: pid_337
Value: y-ZrLaNLlE2uEGpRTh6iAXn9ettaBtDZFFqljuYF0-~A
.servenobid.com/ Name: pid_312
Value: 2555110911558640958
.servenobid.com/ Name: pid_317
Value: 1663336969069035544
.lijit.com/ Name: ljt_reader
Value: HrIApRZHJOrA5u9dQAW1vBrf
.servenobid.com/ Name: pid_333
Value: ZVf3FXv2-3cGhZO_l_xfEwAADMwAAAIB
.gumgum.com/ Name: vst
Value: e_9993c7e3-4203-4b7e-96a3-b0af52773368
.csync.loopme.me/ Name: viewer_token
Value: 6d467b04-b55a-46f5-96ca-b771ab0d01ab
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.minutemedia-prebid.com/ Name: wrvUserID
Value: pxdH85--kp_mm
.creativecdn.com/ Name: u
Value: BRf94Ok11oF383Tjyrih
.creativecdn.com/ Name: g
Value: BRf94Ok11oF383Tjyrih_1700263703979
.creativecdn.com/ Name: ts
Value: 1700263703
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_310
Value: HrIApRZHJOrA5u9dQAW1vBrf
.rqtrk.eu/ Name: browser_id
Value: 1:c5087ea1-2e62-4ecc-9e79-104c18203849
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srAwNTYztjA3NhPiM9TNNLFwMvNycjGyyMgHAK41WAIlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1srAwNTYztjA3NhPiM9TNNLFwMvNycjGyyMgHAK41WAIlAAAA
.company-target.com/ Name: tuuid
Value: 80205082-33a9-499d-9ef8-0cdb4853a0b9
.company-target.com/ Name: tuuid_lu
Value: 1700263703|ix:0
.servenobid.com/ Name: pid_309
Value: e_9993c7e3-4203-4b7e-96a3-b0af52773368
.3lift.com/ Name: tluid
Value: 3909430889404006262820
.servenobid.com/ Name: pid_324
Value: 5133329528853638736
.servenobid.com/ Name: pid_348
Value: pxdH85--kp_mm
.audrte.com/ Name: arcki2
Value: l381OgyOovTQ9yy38piX-OBSA!20220908!1700263704073!ip#195.206.105.131
.nrich.ai/ Name: _nauid
Value: 180ee2e2-52f1-4e64-ba7a-077a439fceed
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
.go.sonobi.com/ Name: __uis
Value: 09d493bf-dc1b-4b5f-b2d6-7b1a767cd2fa
.go.sonobi.com/ Name: HAPLB8G
Value: s85105|ZVf3G
.contextweb.com/ Name: V
Value: mbziMJI6UouZ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 87c2c2aa5eb619c6
.yellowblue.io/ Name: wrvUserID
Value: ysdT58-zCp_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
.servenobid.com/ Name: pid_332
Value: 09d493bf-dc1b-4b5f-b2d6-7b1a767cd2fa
.audrte.com/ Name: arcki2_ddp2
Value: l381OgyOovTQ9yy38piX-OBSA!20220908!1700263704188
.quantserve.com/ Name: d
Value: EIoBGAG5KvijCJiTCuu4EA
.servenobid.com/ Name: pid_352
Value: ysdT58-zCp_s
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBgZGZsbmBiZGxxShyJb2BoDAB5rySJIAAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2f3z:19e0~2f3z:198o~2f3z:18z8~2f3z"
.audrte.com/ Name: arcki2_pubmatic
Value: 2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99!20220908!1700263704253
.dotomi.com/ Name: DotomiTest
Value: 3ff94fd1cb4b192f
.360yield.com/ Name: tuuid
Value: 6c6cefa7-471d-4687-925e-86eeb9775ac0
.360yield.com/ Name: tuuid_lu
Value: 1700263704
.servenobid.com/ Name: pid_316
Value: 2BA9B6BA-0B56-417F-8D7A-FE7045BC1D99
.ctnsnet.com/ Name: cid_358cc81f9b1247bb8187c590331d3af2
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: Y15aCkywA5Nj94
.sitescout.com/ Name: ssi
Value: 4e4df382-450d-4665-bb20-69a5144f6041#1700263704342
.adsby.bidtheatre.com/ Name: __kuid
Value: c9bda919-a080-4efb-b4db-b3c9a9196e15.469477704
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-278540316111714368&KRTB&23263-278540316111714368&KRTB&23481-278540316111714368
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7302576998970161295&KRTB&23369-7302576998970161295
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2555110911558640958&KRTB&23339-2555110911558640958
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIEe3SDt8pmwN5mCDEAAAAAAA&KRTB&22713-AAAIEe3SDt8pmwN5mCDEAAAAAAA&KRTB&22715-AAAIEe3SDt8pmwN5mCDEAAAAAAA&KRTB&23519-AAAIEe3SDt8pmwN5mCDEAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2929884510537599797&KRTB&23150-2929884510537599797&KRTB&23527-2929884510537599797
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.de17a.com/ Name: guid
Value: 1.4180569872145925036
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJ3DhzoPqLzMm-1bvI5zdtc&KRTB&23025-CAESEJ3DhzoPqLzMm-1bvI5zdtc&KRTB&23386-CAESEJ3DhzoPqLzMm-1bvI5zdtc
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-sbDS0uGy1tGq54LRvuPK0rK2gdyqsdfQ4-RP1JaP&KRTB&19420-sbDS0uGy1tGq54LRvuPK0rK2gdyqsdfQ4-RP1JaP&KRTB&22979-sbDS0uGy1tGq54LRvuPK0rK2gdyqsdfQ4-RP1JaP&KRTB&23462-sbDS0uGy1tGq54LRvuPK0rK2gdyqsdfQ4-RP1JaP
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5133329528853638736
.smartadserver.com/ Name: csync
Value: 22:278540316111714368|49:7302576998970161295|76:CAESEGn5MHN08UdJwGoMHGMDihE|127:AADJOU7Kr-4AABUq5wrxPg|134:OB_OK
.audrte.com/ Name: arcki2_adform
Value: 278540316111714368!20220908!1700263704364
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDI2MzcwNDM3NX0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVf3GAAAbXMyrQBU
.ads.stickyadstv.com/ Name: UID
Value: 1d1dd33f8844fbe76c1295526242d9
.adx.opera.com/ Name: UID
Value: OPU5c5f19e9c1f04c399048777a127ea838
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-4e4df382-450d-4665-bb20-69a5144f6041-6557f718-4348&KRTB&23418-4e4df382-450d-4665-bb20-69a5144f6041-6557f718-4348
.liadm.com/ Name: lidid
Value: db469af7-6509-401a-a31d-23df13b30040
.audrte.com/ Name: arcki2_smart
Value: 1663336969069035544!20220908!1700263704424
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 312159bcbe2c79d262bab24aefc73d7e
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o1u|7dN.0.AADJOU7Kr-4AABUq5wrxPg|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU5c5f19e9c1f04c399048777a127ea838&KRTB&23485-OPU5c5f19e9c1f04c399048777a127ea838&KRTB&23524-OPU5c5f19e9c1f04c399048777a127ea838
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d52e9d16-d4d2-5779-4656-76ce448f9be7.Qbv%2Fxsns17MJFnWkF8VelS1IZTiWDIV4F9eI7NbqT1Q
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d52e9d16-d4d2-5779-4656-76ce448f9be7.Qbv%2Fxsns17MJFnWkF8VelS1IZTiWDIV4F9eI7NbqT1Q
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1S6dFtTSV3lGVnbORI-b58POaYM.wr1dwdUzyKayaNjnayaNJG0TaKuz3IEFJGppMgWz0G4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1S6dFtTSV3lGVnbORI-b58POaYM.wr1dwdUzyKayaNjnayaNJG0TaKuz3IEFJGppMgWz0G4
.ipredictive.com/ Name: cu
Value: 520b46d2-95a0-492a-b34a-5b2340d16ae6|1700263704430
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4180569872145925036
.sportradarserving.com/ Name: zuuid
Value: cf43bc52-dcf0-4efe-82a4-8f5ea5795863
.sportradarserving.com/ Name: c
Value: 1700263704
.sportradarserving.com/ Name: zuuid_lu
Value: 1700263704
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1700263704
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23334-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23417-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23426-1S6dFtTSV3lGVnbORI-b58POaYM
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpNfQczNQ7fqlqbBgMWySGKnddJL2ro2586sr7aMhMzQaC9YqZ+mIcAswClNKwy9UIhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADJOU7Kr-4AABUq5wrxPg
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-32b3944a-ca0f-4e78-b1df-783499744432
.servenobid.com/ Name: pid_323
Value: LP393VEY-13-34K2
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFw81Y6zjAHx1IMXgvkq8n88n2qC4xUNfUPhpLpgFrVhEHwYBCCY7t-qBjABOgTwi70wQgRKLXRJ.vRKQKSe0Feo2dCRSO3kRBWXA84evplKUQbydh91zjm8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFw81Y6zjAHx1IMXgvkq8n88n2qC4xUNfUPhpLpgFrVhEHwYBCCY7t-qBjABOgTwi70wQgRKLXRJ.vRKQKSe0Feo2dCRSO3kRBWXA84evplKUQbydh91zjm8
.socdm.com/ Name: SOC
Value: ZVf3GMCo8YMAANWxhqEAAAAA
.pubmatic.com/ Name: SPugT
Value: 1700263705
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: DPSync3
Value: 1701388800%3A219_197_245_241_235_201_227_226
.pubmatic.com/ Name: SyncRTB3
Value: 1700784000%3A15_223_2%7C1701475200%3A35%7C1701043200%3A63%7C1702771200%3A203%7C1705363200%3A69%7C1701388800%3A204_243_251_214_220_238_13_22_8_264_166_71_7_56_3_254_99_161_234_21_196_233_55_249_88_54_81_165_176_46
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700285307183
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-606259ae-6f51-4f37-813b-009fea21eac2-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.smilewanted.com/ Name: sw_user_params_infos
Value: ym6WWK9cA5I%2B9xu1Mcb3c4br%2FkiG737evP9xBng%2BAYx23oWZV9JTj1Yqc9INWLHiXNY87cgloXgMJBtzpuLp5SnWLxiIqWdrz2OV1ifJO3N29FHqmbigmqlcavM4JrrlyZku9hRSTI8csFTNesOrirJUblAJsBAt6Wi%2Fxw117mjPMqdx9fOHJIkI5yFyeVg6uVHWXDd%2BAEgevoMOQlooFr3gzURs2fUiXCODtuODsbuaOBDuOP3blylvJT1Zgg7yWvOQcOttyAkcwdMppGtcnCpZg8UzFvXkYQoIA6ALYSBHCuGKL0dyDpdpU6M0fwYUxF%2BvFMQdSJ%2FieWHwywj8E7VfEG7rGEk47f7ARiMmsGgZXHdeClKlSrsmmNlTdZG1DXHKg1J5nsFafARXeXek5oI9s4TT2aiB0SKgXK68A13wnd%2FIpYHw5cHV0gW6an2tfoaVZYc1G4nFt634nQDCpKkWaUEBvd5FCN9C8%2FKu%2FQg%2F42yVQOOwA5MMkczg6H8n
.pubmatic.com/ Name: pi
Value: 0:3
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zc
Value: 26bc34bd-e092-4ddf-78b9-0680615388c2
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects282
Value: 1
.onaudience.com/ Name: done_redirects200
Value: 1
.onaudience.com/ Name: cookie
Value: 9dcb3bec47f4b368
.semasio.net/ Name: SEUNCY
Value: C9AE629DC2C7D44
.pubmatic.com/ Name: PugT
Value: 1700263707
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-NOvcHvPGbXUVbbUbWbaQTQQM
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 11
.tribalfusion.com/ Name: ANON_ID
Value: aIntuJqkaHaBykt9ZahqAc87bHvfMv6HgZdQUoQHQ5qKnEQo27FVSSnTu6cF8cNMt7u1LjZb9l3b54VWndcZbZcDvwiZbA

37 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/c719679c3270cad9f27bc5a5e729ca28.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ba69c029a6049e821a45da5e8aee1274.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/d0e89ce3120427c749974a15bbe8deca.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202011/c13ad7e7af494ab6c7e1bc5d3e412ea0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202010/3d71ad34ba56dfd6127c32d1e71c51bf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/16bba131d6e149e27697afb2d421b4dc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/48c0807d9a2e6bef716655ccace4d7eb.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e0895f7cdaa1a66e40fd964869890c9d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/fd22dbe7c94fc7e1c2d06a15ef4d2072.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202010/74c977c2f3de92985dec876b8398ca81.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/ba19093f6b9cb2df1acd994d7848294a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/8f0b39b49857a64a25a86eeec97cbd90.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/04bd565cee9337d9c1d8c24f8fe1ee08.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/713f2629c280e8f3218e262daf8f006e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/039e313ead082743e918ac3b4f632158.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/54366f32bf3073534ad0992501c6934d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/12983d323b5fdfee60dc54bf292bf00a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2d4cb66182285ee99885dffade890deb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d7ac9772fb683093975f986a6c80eb69.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/58304054c4a68c51f4e77cf1379af18a.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/2ca597252fe04185cbfc71f7c9ed0e49.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ad3a03ec27396fe5e8da35faffd4020b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a4e8b02f879e3ab653f7c04b2925c661.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/c9123cdb9f8a818bb34490dc415536e8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9e76db7a3f418121d8300d55c7e94356.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/ea0cb1da103638eb9640da79b81bd0f5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/752caee10314d093df6d6fb8d14816b4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/327d96457ddbcc3cd92f314514f7b658.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/9f07ebc1381536e6833290e0b43de2b5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5a5b759da5b3c06744405a920d82672a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.bg3.co/a/gan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Message:
Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html' from origin 'https://www.bg3.co' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgan-da-jue-zhan-2-0ban-ben-xian-feng-ce-shi-zheng-shi-kai-qi.html
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdn.adpushup.com/42753/L2EvZ2FuLWRhLWp1ZS16aGFuLTItMGJhbi1iZW4teGlhbi1mZW5nLWNlLXNoaS16aGVuZy1zaGkta2FpLXFpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://static.bg3.co/imgs/202107/8e53dab68811d23b93d9b8ac7da4efa8.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
audiencedata.im-apps.net
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bannerflow.net
c.statcounter.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
e69be1acc319b7940667230e1b27285a.safeframe.googlesyndication.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
f28f00025ef74e8a36f5965b6cd3361f.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900026.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
i6.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
ice.360yield.com
id5-sync.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rr4---sn-1gi7znek.googlevideo.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shared.bannerflow.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.shb-sync.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
wt.rqtrk.eu
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
securepubads.g.doubleclick.net
static.bg3.co
us.shb-sync.com
103.231.174.251
104.18.36.155
104.18.38.76
104.18.41.104
104.20.219.77
104.22.68.131
108.156.39.59
124.146.153.162
133.186.12.11
138.201.84.244
141.226.228.48
141.94.171.212
141.94.171.216
141.95.171.141
141.95.32.69
141.95.33.120
142.250.185.198
145.239.2.103
145.40.97.67
151.101.129.108
151.101.129.44
151.101.66.49
152.199.21.70
154.59.122.79
162.210.196.208
162.55.120.196
167.235.184.171
169.197.150.7
172.217.18.2
175.110.113.214
178.250.1.9
18.185.187.133
184.30.20.22
184.30.22.30
185.106.33.48
185.180.223.221
185.184.8.90
185.29.134.248
185.64.190.78
185.64.191.210
185.84.60.23
185.86.139.94
185.86.139.95
185.89.210.82
188.166.17.21
188.42.34.64
192.96.203.13
193.0.160.131
195.5.165.20
198.47.127.18
198.47.127.20
198.47.127.205
2.19.244.232
2.21.20.146
2.23.197.190
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.181
216.52.2.48
216.52.2.91
216.58.206.34
222.230.178.132
23.212.88.20
23.56.202.187
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b901:c5b4:8cba:7a26:df2a
2600:1f18:ed:550e:3d2:ba14:2ca3:82d8
2600:9000:223c:9200:6:44e3:f8c0:93a1
2600:9000:2251:9a00:1a:5235:f980:93a1
2600:9000:2449:ba00:1f:4c18:bd40:93a1
2602:803:c003:200::45
2606:4700:10::ac43:db6
2606:4700:20::681a:467
2606:4700:20::ac43:4a81
2606:4700::6810:507e
2606:4700::6810:5614
2606:4700::6811:c96e
2606:4700::6812:19ad
2607:ae80:192:1::172
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2800:3f0:4001:82a::2003
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400a::9
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:480:25::1726:6212
2a02:fa8:8806:13::1400
2a04:4e42:600::649
2a05:d018:d29:3605:4684:36f0:2036:f07d
3.121.101.248
3.221.116.77
3.251.41.54
3.69.152.80
3.75.62.37
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.246.239.231
34.247.233.198
34.96.71.22
35.158.43.241
35.186.193.173
35.186.253.211
35.204.74.118
35.214.230.141
35.244.159.8
37.157.5.132
37.157.5.133
46.228.174.117
50.31.142.191
51.255.68.171
51.89.9.252
52.18.217.211
52.19.228.53
52.210.50.120
52.215.24.0
52.223.40.198
52.31.140.196
52.46.143.56
52.59.116.26
52.59.59.191
52.95.126.160
54.146.239.191
54.165.115.205
54.38.197.123
54.74.229.145
54.76.65.157
54.81.236.103
69.166.1.66
69.173.144.137
69.173.144.139
69.173.144.165
72.251.245.179
76.223.111.18
77.243.51.121
77.245.57.72
8.43.72.98
82.145.213.8
85.114.159.93
94.130.102.164
95.101.149.35
98.98.134.243
00d49d1a214f5043a727abc1e12c4bf62c485a2db2eadec6e43310cd8d483523
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
087efe0b23d24ac5d92661cc04a7915a6fcc1b0c5fe6b8eab3ce4c8811eb8673
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0ce745060b8cd1a52914309520fd2ab2ffe29bff83d0f40e3f49370100720dfe
0e78a33a9f4ba12a6cd939159c37f10e906f8e18d77f6e2661e4fff7fafe3af5
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528
1135bc706b0ebafd25df676990f7f650aa3d4d2a121039eae6008c0050aaf410
1141e162fc30386672f3a11a2488bf3747c19d48fb6d4a92be2a68069b153b0f
128161533312fa79a057e50dfaf61f7ab9b2d44c4be01fb22d125b1b2e3c23d9
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
14fd36d51a0c92f76e85caf1daae9909998844a576daaddc0275f412128db111
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16451b410da7e2e5795bc39384f40bb5da9c5049519689afeb4b936a4ec7f6b0
1772b73f6bf7998adb754d7ad4fa81fe16b4fa10b849d0ef7f3c8b6e5e700bec
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1a57984144989a153f4f287a4caaec489f70f161868601030f778e41aae3eb48
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1da8a6807c18900493b5f6e572288493ef4e9285a43c79b1c5e2687e86377a67
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f71f425ebf58edf402895f752e6816cb7fa556422d626a1ef419c62c01d8a8b
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
23cc6027794cfafa2c79f4a6bac7df9543751b62d5c033749fbc713c57b9cab5
24cfd91c2dbb9697d0a7e6c9dac0dcf093f1cf8dc33dc59c93d52057d639368f
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28a3320749440ee186044135d5f8df9d013ee44e3056ef87abc0edac2e80757d
29bfba349323f5c85b8297f26c721288df62ca5040a715807d8b78f8bb9ee92b
2a2ad9848dd90e24e3950119d31bb21f64c28e926ad1a3f06a9b4c0033ae5868
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d4a4c81de094642a2a1d2ce6faee4b6aadd0e063b252cdba0e78ba55ea79622
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39ad9a054662965f4a2dc4a0dae920718de6fb2bef9f31185c3bacd9685cfc82
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3790beb69a7947610ec1a3063b6df868d75c1da9aec99c0a28e1202f6adaf3
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed0da6755921704ecfb28f62737f989abc8b0358983ebbb764e2af0de4b99db
3ed2400cad64ef834f7c172072c549314d481a38414366db161c178b210d6592
3f0a33b868064f8db4272841e06389a7f03019ee2511f91395627f7d11043a69
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c41505855cf99a43c8f8be8de705bd5800b802b7ecfda0f2d664fa8b1920ac
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e9c07badaf8924e35adf17d4f5615a203332a8a31cb552091831b0594b5965
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b0086b13675452a1054d753bd2c0fad406632538d17323e7b8d6feaeb394f0d
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6692d01d88f7c0690d2eb50f44f20dc74deca9c693cbd4545191281c5740b6
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4df58cee20a9a69513c308801405c294e57e222ddfef71dedaf9a99da600ee43
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6
57d091da92eab1bf3d6bf903666645666aa4b8981e536b4afd014373664f4cad
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17
58f9e59e59ed4539797a90553c00867b8ff0a1f2ddb9b3cef8c5420f45201d06
593470e06ee3cc3ff7eafa7771990b08d683d88ead09d99dd2575a9571228698
59c50c6bd34efe268453012b423d2f60933b261de950c7d0f26b79aff34a9b7d
5bd8235d6430a736f712a6af5757906fe3b11aad0e565d914b4c25ad8204b0a0
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
6394c7ea90fc591b8ca6534e287bce09655c437e64f1d1b22e8f1e9d0c11c4d8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
68876eff57356f08becb6f5b6fffcfb9d3499f39079a8d679f3b1014c7e84eff
69c73c3e4c15b4d41736526ca13fc8876f34d539fdfcccfeda247b4d14a3ee3c
6a67d282c25c974e4f811f9f491a72a43f6f0dda804c07fb7d649168a58c49f3
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a8c9354bab03004b14c0629297e73f37a62307dc8bcfb3be3219a6b6d468196
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afccbefc1ddca038bb870a10a6444a1fd529a0f8318d29bda771cf318ca8fe9
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6d9fb720ceb219d82d918eb06145270d9609a934fdf3cca03ab546a540bb93fa
6f02440a5873adfe5e342a770c2f2b17479d8fad97eacd09ba09714df6548b51
6fe1b5bd483c75cafe748e183c27438200d8d19f50fbc6498c57b51830add138
71f4499efa56831796e734d4e39cbc3943f9cc94d43498ae41b4cf7a85c15583
727c182dc0608c81e14c2be476f743b79c9fd2822f72e6d8fd80b2d4652714dc
74335cb189c20907c1aed27f6210eaf255ac150e234cb3a547f12d49922a0a81
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
76cfefaf3bf8a56c4681cd2a71288510956d2c0f4d59b7651d48bc6539af6582
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
78f2008d0e30ad67420881cefbb6a51423caf6bf3e06b8c42e24cb5ab4c66115
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481
7e3eb2c03cf0ef62a868c317c96873227fe90f0e1e4d2ba3930a4639bdb1556e
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
82719adf5645098b9ba67c2ca6c471e029c486becc2c75998449b892a2b57941
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd4066e5a49c9fcd9b7c4d2f3be76ea64196b64a0a9ff3edbeb7c62036bee1b
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
90bfd79c2e8bfe91fa637503b34a2eab3e4b7b20d920b5f0e03d8bbd765e624e
9104212df7bb18cd2e0697773c91e0387ee338dfd3c3cf44c29e75744e5b464e
912a5d971a91fa00887fd85e3ef500b031f2f89c93ab9668c5e66d6cdf5a3f3d
9145a1b5941a698cff3ad558184cd813710a61ea765201ee9465fd2cd8cae663
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
954b3fda838a7666e6e9df9d3f856f317e0ac130bf5e8778b12ba575fdebf729
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e8c7d3073323999fe53c569dfafda5e3692fea3052b74f7c99a3113e9511ab
993a112fed28aebb10e2297da40f97e06e693040bebdfd6afcd6077e83b558c9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99eee0a47216d1e462693a13f59bc8f75550b3542ef1dd19dad6979eae44facc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9ce23c8b16df4cd7140e799005329ca3329c74daca240528f187f1cf5fed5053
9cfee26fa04720149547f225f34a8574f3b996e80f24640b0a54cfee92e935f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2d12284979ed13a61550fbdceee3bed74af2a2b3ce6059faa1b702dfb6b0e48
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a3d541f2c703ef021fc304e0b3322135dfa5821bd83c93ed5271b7b8175db457
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f
a4d1ad5d1f7380bc07011ef78876519ca67b45de3d2495f2e7188a475d38fb2d
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
aba4433c326a47ff70fbf9ec973e6aed78cac71047de9f3820406147d344698c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b071ace54b58bc9051e327a188f87bea7c1f877539a4daf49b026e4b4fa0a3e1
b0ea816de0b904f0c986a08f68c1bafff71902d51c2463e9c7a3ff2b3ddbee77
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1614c6b4dbe59afe8f9f517b05f66426492ca6cf75e8fa416774aa1fae83d35
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce
b585b5dfd5686ec81f8ce1e1b59feef59e251978b28fd3be530f019f7a91425f
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c
b70c18e8a1eb6de14c2ba38eae2dc4ad3f4a20e93cc755dff7e3cb729a6b0e3a
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b73f7b0585d2042850242622420ff3c996ff9a0a1fa5e37fc7d1842ee99611d9
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
b98e49c162c8631d0e2798d2664e4d82671939ee4f231e644af185f5770195c9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
be03b5162280de94a716a0062a490774e611ad942f442e40e1aa859574733178
be602d06ca964737667a0318dc2f4efd248809e80060840e657afc46c218c680
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c45f53ddd444acc09ab379559072fe963dc73b8d17052df9802e92a75f01818a
c5cfca5db05ee1dd43e1d02aa73aa35416a62f9d00faadb64d4eb069c647f5f1
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb293753a8c516478ac800166f478929daf928468b0cdc9c3f6c6403c89ae293
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0443a7dade78700fd1f70e614b29fd8f7c6a80077204624d42e8c59b0ecfe1f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10860a476cfe68be0f72d4167cc293d81ed990ac9cdae2d4b1d3217e48ff88e
d67afa8d88e748d1aced43262b1ba7837a1ea6a4a9ad3b47e86ac72ea8a0368e
d94be7553ec43b2e10d2d684eb05da294e6380446d96b165caa62f22ae85feb8
d99b79c54758d04b7c1dd4c83aadde00f29e71073b666814bc32dfa9a8efe38f
dbf5bd3fcea97b51e516a53ffbb0c87a71692b14d6871e6ec2acefbe73a06028
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e00137611091f326d1c4a89aec3a7d6c44bd776d30f90fd1c0702b11c8980820
e223c9339b772da14e6fa034aca885cd46434691572fbe8ed8a3e1f3d2bd71ee
e23a9a4ebec8cf196ca464a82659e65878eed5580206c691fc909a4166730caa
e2504adf4a61804f414bb67079b74595eb0beaf474c7149dac76a9a3b060b6b2
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e6446f24a6beff2d543e5993037fa1adf7fdb49f3ad0d2dbe968466f90e1cad4
e690b007a72c30a72e0eb7618678874d0b3fce48c83af10e6f974d4e9e6a0754
e92610c8ef333bcc5802150887076cfd1a1b6590432185f2bc0a0abff06d906d
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041
e9400808ca642c98fa31fc4de1f92353db8562c93f2a22e45744796c160f760e
e9e1056a7349f3c99ea917ddf5c7f77f0c8b05556337273095120fc6af8eb52d
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb570121cd7cfaeac0419f8c4772d1a8caf06866d528bf0f3e13b83ea8655721
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ec4456237fdc1281f78b8ec22dc0c1e775af4b173086f4534e31f5e3cc578fc3
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f085978c529da4d9008c5c56ffb96aa9ca8f03026e32d78a67c533e3c3426d33
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d
f32ec7a452af020a426f77bb326ece4e42276a194b650aedd1287ee054fda884
f37bbc7351a147c46e39abbc29083386e848eb80396410db8bf3257732926c5d
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd
f5d89a3a7cc4dd6c90d7f59cdfc0eada62720f9eae895feee3e675647eb6f7e4
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f74a63a9271ef4e3636372bba5b8dfd7c24f4b1276f6d517550ba5f4794a5d41
f89fc3bf8b990e758dfac5c218ed9941fbb28369ccab34d9a0a80ef9c3186690
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c
f9a31c51aefdaa704fb11e7c510ea28abcc7205cac08e6ca5c6fed4644ca718b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
ffe8a12a76c3f3e490a9140c77642f82cf94d181a29a86371a964d8facf78507