urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-...
Submission: On November 20 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 16 countries across 126 domains to perform 608 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
9 142.250.184.193 15169 (GOOGLE)
12 142.250.185.130 15169 (GOOGLE)
4 216.58.212.136 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
38 151.101.65.44 54113 (FASTLY)
1 2 162.210.196.208 30633 (LEASEWEB-...)
3 104.26.5.103 13335 (CLOUDFLAR...)
13 138.199.37.225 60068 (CDN77 ^_^)
2 151.101.194.137 54113 (FASTLY)
3 178.250.1.11 44788 (ASN-CRITE...)
4 216.239.32.36 15169 (GOOGLE)
1 139.144.5.218 63949 (AKAMAI-LI...)
4 3.233.145.170 14618 (AMAZON-AES)
9 23.97.225.52 8075 (MICROSOFT...)
4 151.101.193.44 54113 (FASTLY)
16 185.106.33.48 200478 (TABOOLA-AS)
3 172.217.16.193 15169 (GOOGLE)
1 4 192.96.203.13 30633 (LEASEWEB-...)
1 18.66.97.111 16509 (AMAZON-02)
2 4 91.228.74.168 16509 (AMAZON-02)
1 104.16.89.20 13335 (CLOUDFLAR...)
4 35.186.253.211 15169 (GOOGLE)
2 178.250.1.8 44788 (ASN-CRITE...)
2 34.120.63.153 396982 (GOOGLE-CL...)
11 15 185.89.210.153 29990 (ASN-APPNEX)
2 6 147.75.84.158 54825 (PACKET)
4 21 172.64.151.101 13335 (CLOUDFLAR...)
2 18.198.57.253 16509 (AMAZON-02)
2 69.173.144.137 26667 (RUBICONPR...)
2 69.173.144.140 26667 (RUBICONPR...)
2 3.69.18.37 16509 (AMAZON-02)
2 4 79.125.51.132 16509 (AMAZON-02)
14 104.22.68.131 13335 (CLOUDFLAR...)
4 18 51.89.9.252 16276 (OVH)
20 54.72.113.40 16509 (AMAZON-02)
5 184.30.21.51 16625 (AKAMAI-AS)
4 142.250.185.106 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 4 37.157.6.232 198622 (ADFORM)
17 142.250.186.97 15169 (GOOGLE)
3 142.250.185.194 15169 (GOOGLE)
3 3 23.201.255.110 16625 (AKAMAI-AS)
12 184.30.22.30 16625 (AKAMAI-AS)
5 10 34.250.107.139 16509 (AMAZON-02)
1 18.66.97.31 16509 (AMAZON-02)
23 142.250.185.66 15169 (GOOGLE)
7 141.226.228.48 200478 (TABOOLA-AS)
2 142.250.185.202 15169 (GOOGLE)
17 3.33.220.150 16509 (AMAZON-02)
2 37.157.5.73 198622 (ADFORM)
6 8 3.121.8.101 16509 (AMAZON-02)
6 11 69.173.144.165 26667 (RUBICONPR...)
1 5.9.97.245 24940 (HETZNER-AS)
1 151.101.66.217 54113 (FASTLY)
12 17 69.173.144.139 26667 (RUBICONPR...)
4 142.250.186.130 15169 (GOOGLE)
2 5 67.220.226.234 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 8 209.54.182.161 16509 (AMAZON-02)
15 30 142.250.74.194 15169 (GOOGLE)
6 6 52.16.22.123 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 13.32.99.61 16509 (AMAZON-02)
2 3 216.52.2.39 32475 (SINGLEHOP...)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
7 8 3.75.62.37 16509 (AMAZON-02)
1 2.19.126.72 20940 (AKAMAI-ASN1)
4 142.250.184.196 15169 (GOOGLE)
1 3 116.202.48.214 24940 (HETZNER-AS)
3 142.250.184.227 15169 (GOOGLE)
3 5 104.102.45.165 16625 (AKAMAI-AS)
1 149.126.4.39 47302 (CYON)
1 141.226.224.32 200478 (TABOOLA-AS)
1 54.36.108.3 16276 (OVH)
2 178.250.1.3 44788 (ASN-CRITE...)
7 23.212.89.35 16625 (AKAMAI-AS)
3 2.18.161.51 16625 (AKAMAI-AS)
1 185.59.220.198 60068 (CDN77 ^_^)
1 172.217.16.198 15169 (GOOGLE)
13 138.199.36.10 60068 (CDN77 ^_^)
1 3 142.250.186.102 15169 (GOOGLE)
3 7 23.32.185.35 16625 (AKAMAI-AS)
1 2.16.97.41 16625 (AKAMAI-AS)
2 2.16.238.14 20940 (AKAMAI-ASN1)
3 138.201.63.164 24940 (HETZNER-AS)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 54.78.254.47 16509 (AMAZON-02)
2 2.23.197.190 16625 (AKAMAI-AS)
3 7 35.244.174.68 15169 (GOOGLE)
1 18.184.223.197 16509 (AMAZON-02)
1 54.228.208.22 16509 (AMAZON-02)
1 34.246.188.97 16509 (AMAZON-02)
1 4 138.201.63.150 24940 (HETZNER-AS)
4 8 34.98.64.218 396982 (GOOGLE-CL...)
1 95.101.148.20 16625 (AKAMAI-AS)
3 4 76.223.111.18 16509 (AMAZON-02)
1 23.32.184.180 16625 (AKAMAI-AS)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 13.32.27.10 16509 (AMAZON-02)
3 185.29.132.241 30419 (MEDIAMATH...)
1 2 69.173.144.138 26667 (RUBICONPR...)
3 3 154.54.250.151 26558 (FREEWHEEL)
1 2 185.86.139.102 201081 (SMARTADSE...)
5 6 198.47.127.18 62713 (AS-PUBMATIC)
4 6 37.157.4.29 198622 (ADFORM)
2 54.171.158.15 16509 (AMAZON-02)
1 2 185.86.138.150 201081 (SMARTADSE...)
4 23.35.236.201 16625 (AKAMAI-AS)
7 18.66.112.67 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 3.221.116.77 14618 (AMAZON-AES)
1 4 216.52.2.16 32475 (SINGLEHOP...)
6 6 46.228.174.117 56396 (AMOBEE)
3 3 46.228.164.11 56396 (AMOBEE)
4 4 193.0.160.130 54312 (ROCKETFUEL)
3 3 18.209.71.169 14618 (AMAZON-AES)
1 1 193.122.128.135 31898 (ORACLE-BM...)
4 4 208.93.169.131 46244 (WEBMD-IDC...)
2 18.196.51.148 16509 (AMAZON-02)
2 2 2.18.160.23 16625 (AKAMAI-AS)
1 104.18.186.224 13335 (CLOUDFLAR...)
1 18.195.152.190 16509 (AMAZON-02)
1 24 185.64.191.210 62713 (AS-PUBMATIC)
4 4 34.233.55.153 14618 (AMAZON-AES)
2 2 13.32.27.99 16509 (AMAZON-02)
7 7 50.31.142.255 23352 (SERVERCEN...)
1 172.67.74.129 13335 (CLOUDFLAR...)
3 3 54.165.170.24 14618 (AMAZON-AES)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 35.208.249.213 15169 (GOOGLE)
2 2 185.86.138.155 201081 (SMARTADSE...)
2 130.211.44.5 396982 (GOOGLE-CL...)
1 162.19.138.116 16276 (OVH)
2 2 35.214.180.70 15169 (GOOGLE)
1 4 185.86.138.153 201081 (SMARTADSE...)
1 104.19.240.24 13335 (CLOUDFLAR...)
14 34.247.205.196 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
1 1 54.163.246.158 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 18.200.74.130 16509 (AMAZON-02)
1 1 52.30.73.115 16509 (AMAZON-02)
4 185.64.190.78 62713 (AS-PUBMATIC)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 108.129.5.53 16509 (AMAZON-02)
1 1 124.146.153.170 2514 (INFOSPHER...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 18.197.198.113 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
1 2 151.101.2.49 54113 (FASTLY)
1 63.251.232.165 32475 (SINGLEHOP...)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
4 5 52.215.24.0 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 54.170.171.251 16509 (AMAZON-02)
3 3 35.236.220.17 396982 (GOOGLE-CL...)
4 198.47.127.20 3257 (GTT-BACKB...)
2 2 98.98.134.241 21859 (ZEN-ECN)
2 2 89.207.16.140 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
3 142.250.181.226 15169 (GOOGLE)
5 142.250.186.35 15169 (GOOGLE)
2 4 104.18.25.173 13335 (CLOUDFLAR...)
2 2 141.94.242.206 16276 (OVH)
4 4 146.59.148.16 16276 (OVH)
2 162.55.120.196 24940 (HETZNER-AS)
2 104.22.24.87 13335 (CLOUDFLAR...)
2 4 77.243.51.121 42697 (NETIC-AS)
4 4 141.94.171.215 16276 (OVH)
1 74.125.108.200 ()
608 139
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
9    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
cdn.ampproject.org
12    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
4    216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
38    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
13    138.199.37.225 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-225.bunnyinfra.net
cdn.unibotscdn.com
2    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    139.144.5.218 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-144-5-218.ip.linodeusercontent.com
socket.unibots.in
4    3.233.145.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-170.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
9    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
3    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net
0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
28b80d983001049884fdc6317880bd6b.safeframe.googlesyndication.com
4    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    18.66.97.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-111.fra56.r.cloudfront.net
cdn.socket.io
4    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
15    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
6    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
21    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    18.198.57.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-57-253.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    3.69.18.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-18-37.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    79.125.51.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-51-132.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
14    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
18    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
20    54.72.113.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
ads.servenobid.com
5    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
4    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
fonts.googleapis.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
4    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
cm.adform.net
17    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googletagservices.com
3    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    34.250.107.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-107-139.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net
rules.quantcount.com
23    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pagead2.googlesyndication.com
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
2    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
imasdk.googleapis.com
17    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
8    3.121.8.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
x.bidswitch.net
11    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    5.9.97.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.97.9.5.clients.your-server.de
tm.ad-srv.net
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
17    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
5    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
30    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
6    52.16.22.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-22-123.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    13.32.99.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-61.fra60.r.cloudfront.net
live.primis.tech
3    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
8    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2.19.126.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-72.deploy.static.akamaitechnologies.com
hb.yahoo.net
4    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
3    116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de
ad.ad-srv.net
ad13.ad-srv.net
3    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
fonts.gstatic.com
5    104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com
www.awin1.com
1    149.126.4.39 (Switzerland)

ASN47302 (CYON, CH)
PTR: s030.cyon.net
smartphoto-media.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    23.212.89.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-35.deploy.static.akamaitechnologies.com
t2.teads.tv
3    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
t.teads.tv
1    185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 185-59-220-198.bunnyinfra.net
unibots.b-cdn.net
1    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net
s0.2mdn.net
13    138.199.36.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-10.bunnyinfra.net
stream.unibotscdn.com
3    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
7    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
s8t.teads.tv
2    2.16.238.14 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-14.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
3    138.201.63.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de
hal9000.redintelligence.net
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
7    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    18.184.223.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-223-197.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    54.228.208.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-208-22.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    34.246.188.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-188-97.eu-west-1.compute.amazonaws.com
sync.springserve.com
4    138.201.63.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    13.32.27.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-10.fra56.r.cloudfront.net
public.servenobid.com
3    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
3    154.54.250.151 (Saint-Denis, France)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
6    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    54.171.158.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
2    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    18.66.112.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-67.fra56.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    3.221.116.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-116-77.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
4    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    18.209.71.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-71-169.compute-1.amazonaws.com
ssp.disqus.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
4    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    18.196.51.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-51-148.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
cs.media.net
1    104.18.186.224 (None, )

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
1    18.195.152.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-152-190.eu-central-1.compute.amazonaws.com
t23.intelliad.de
24    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
4    34.233.55.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-55-153.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-99.fra56.r.cloudfront.net
live.rezync.com
7    50.31.142.255 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    54.165.170.24 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-170-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
1    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    35.214.180.70 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 70.180.214.35.bc.googleusercontent.com
csync.loopme.me
4    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    104.19.240.24 (None, )

ASN13335 (CLOUDFLARENET, US)
ct.conrad.ch
14    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
1    54.163.246.158 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-246-158.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    18.200.74.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-74-130.eu-west-1.compute.amazonaws.com
ice.360yield.com
1    52.30.73.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-73-115.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    108.129.5.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-5-53.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    124.146.153.170 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    18.197.198.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-198-113.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
5    52.215.24.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-24-0.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    54.170.171.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-171-251.eu-west-1.compute.amazonaws.com
a.audrte.com
3    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
4    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    89.207.16.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pubads.g.doubleclick.net
5    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
csi.gstatic.com
4    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    141.94.242.206 (France)

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh
green.erne.co
4    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
2    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    74.125.108.200 (None, )

ASN- ()
rr3---sn-1gi7znek.googlevideo.com
Apex Domain
Subdomains		 Transfer
66 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
sync.taboola.com — Cisco Umbrella Rank: 1322
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
am-wf.taboola.com — Cisco Umbrella Rank: 17326
986 KB
52 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
448 KB
50 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
105 KB
43 googlesyndication.com
0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
28b80d983001049884fdc6317880bd6b.safeframe.googlesyndication.com
432 KB
42 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
ads.pubmatic.com — Cisco Umbrella Rank: 534
image2.pubmatic.com — Cisco Umbrella Rank: 924
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
51 KB
26 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 26964
stream.unibotscdn.com — Cisco Umbrella Rank: 34934
4 MB
23 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
t2.teads.tv — Cisco Umbrella Rank: 25995
t.teads.tv — Cisco Umbrella Rank: 2845
sync.teads.tv — Cisco Umbrella Rank: 1403
s8t.teads.tv — Cisco Umbrella Rank: 5510
168 KB
21 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
12 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
10 KB
18 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
8 KB
18 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
9 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
27 KB
14 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
19 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
305 KB
13 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
9 KB
12 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
c1.adform.net — Cisco Umbrella Rank: 599
cm.adform.net — Cisco Umbrella Rank: 1267
dmp.adform.net — Cisco Umbrella Rank: 3509
43 KB
12 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
3 KB
10 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
sync.smartadserver.com — Cisco Umbrella Rank: 1330
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
4 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
3 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
193 KB
8 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
4 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
64 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
3 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
7 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
id.rlcdn.com — Cisco Umbrella Rank: 728
2 KB
7 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal90008.redintelligence.net — Cisco Umbrella Rank: 263856
46 KB
7 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
3 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
dis.criteo.com — Cisco Umbrella Rank: 597
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
3 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
371 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
3 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
717 B
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
5 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
3 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
cs.media.net — Cisco Umbrella Rank: 1513
13 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
3 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
tps.doubleverify.com — Cisco Umbrella Rank: 515
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11101
105 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 ad-srv.net
tm.ad-srv.net — Cisco Umbrella Rank: 89525
ad.ad-srv.net — Cisco Umbrella Rank: 50659
ad13.ad-srv.net — Cisco Umbrella Rank: 465096
8 KB
4 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
4 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
1009 B
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
395 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
361 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
192 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
674 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
2 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
824 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
746 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
765 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4780
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2116
669 B
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190
913 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
456 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
1 KB
2 conrad.ch
www.conrad.ch
ct.conrad.ch
2 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
69 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
stags.bluekai.com — Cisco Umbrella Rank: 921
702 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
522 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
12 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
1 googlevideo.com
rr3---sn-1gi7znek.googlevideo.com
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
524 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
825 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
642 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
465 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
921 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
373 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17718
244 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12394
1 intelliad.de
t23.intelliad.de — Cisco Umbrella Rank: 143572
556 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
523 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
465 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3340
206 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
337 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
499 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
324 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 37738
1 KB
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 88526
1 KB
1 smartphoto-media.com
smartphoto-media.com
33 KB
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
524 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
651 B
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5091
145 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
642 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6032
275 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 40153
13 KB
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 60152
4 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
15 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
608 126
Domain Requested by
30 cm.g.doubleclick.net 15 redirects www.bg3.co
googleads.g.doubleclick.net
sync.teads.tv
onetag-sys.com
adpushup-d.openx.net
g2.gumgum.com
23 pagead2.googlesyndication.com ads.aralego.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
imasdk.googleapis.com
tpc.googlesyndication.com
www.googletagservices.com
20 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
onetag-sys.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
eus.rubiconproject.com
ads.pubmatic.com
18 onetag-sys.com 4 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
17 pixel.rubiconproject.com 12 redirects www.bg3.co
onetag-sys.com
17 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
www.bg3.co
sync.teads.tv
cdn.adpushup.com
onetag-sys.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
17 tpc.googlesyndication.com www.bg3.co
0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
16 il-trc-events.taboola.com www.bg3.co
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 images.taboola.com www.bg3.co
13 simage2.pubmatic.com ads.pubmatic.com
13 stream.unibotscdn.com vjs.zencdn.net
13 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
12 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 eus.rubiconproject.com ads.aralego.com
imprammp.taboola.com
eus.rubiconproject.com
am-match.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
12 ib.adnxs.com 8 redirects cdn.adpushup.com
acdn.adnxs.com
12 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
www.googletagservices.com
11 image2.pubmatic.com 1 redirects ads.pubmatic.com
11 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
ads.pubmatic.com
11 token.rubiconproject.com 6 redirects eus.rubiconproject.com
10 pr-bh.ybp.yahoo.com 5 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
9 e3.adpushup.com www.bg3.co
9 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
8 ups.analytics.yahoo.com 7 redirects onetag-sys.com
8 s.amazon-adsystem.com 2 redirects www.bg3.co
onetag-sys.com
ssum-sec.casalemedia.com
8 x.bidswitch.net 6 redirects am-match.taboola.com
onetag-sys.com
7 b1sync.zemanta.com 7 redirects
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
7 sync.teads.tv 3 redirects a.teads.tv
sync.teads.tv
7 t2.teads.tv www.bg3.co
6 image8.pubmatic.com 5 redirects onetag-sys.com
6 match.prod.bidr.io 6 redirects
6 prebid.a-mo.net 2 redirects cdn.adpushup.com
www.bg3.co
5 csi.gstatic.com imasdk.googleapis.com
5 sync.crwdcntrl.net 4 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 c1.adform.net 3 redirects ads.pubmatic.com
5 idsync.rlcdn.com 3 redirects sync.teads.tv
ssum-sec.casalemedia.com
5 www.awin1.com 3 redirects ad.ad-srv.net
hal90008.redintelligence.net
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 a.teads.tv cdn.adpushup.com
a.teads.tv
5 htlb.casalemedia.com cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pixel.onaudience.com 4 redirects
4 uipglob.semasio.net 2 redirects www.bg3.co
ads.pubmatic.com
4 pixel-eu.onaudience.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 creativecdn.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 i.liadm.com 4 redirects
4 bh.contextweb.com 4 redirects
4 p.rfihub.com 4 redirects
4 ap.lijit.com 1 redirects public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
4 ads.pubmatic.com public.servenobid.com
csync.smilewanted.com
g2.gumgum.com
ads.pubmatic.com
4 ssum-sec.casalemedia.com 1 redirects public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
4 eb2.3lift.com 3 redirects cdn.adpushup.com
4 hal90008.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90008.redintelligence.net
4 www.google.com www.bg3.co
tpc.googlesyndication.com
googleads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 fonts.googleapis.com cdn.taboola.com
0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
hal90008.redintelligence.net
4 rtb.openx.net cdn.adpushup.com
4 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
4 http-intake.logs.datadoghq.com cdn.adpushup.com
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
3 simage4.pubmatic.com ads.pubmatic.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 um.simpli.fi 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 secure.adnxs.com 3 redirects
3 ssp.disqus.com 3 redirects
3 ad.turn.com 3 redirects
3 us-u.openx.net 1 redirects adpushup-d.openx.net
3 ads.stickyadstv.com 3 redirects
3 sync.mathtag.com onetag-sys.com
ads.pubmatic.com
3 hal9000.redintelligence.net googleads.g.doubleclick.net
hal90008.redintelligence.net
3 ad.doubleclick.net 1 redirects googleads.g.doubleclick.net
www.bg3.co
3 t.teads.tv www.bg3.co
3 fonts.gstatic.com fonts.googleapis.com
3 ce.lijit.com 2 redirects www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 www.googletagservices.com www.bg3.co
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3 track.adform.net www.bg3.co
s1.adform.net
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 mwzeom.zeotap.com www.bg3.co
ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 green.erne.co 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 am-wf.taboola.com vidstat.taboola.com
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 u.openx.net 2 redirects
2 ice.360yield.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 visitor.omnitagjs.com 2 redirects
2 csync.loopme.me 2 redirects
2 sync.smartadserver.com 2 redirects
2 live.rezync.com 2 redirects
2 match.sharethrough.com public.servenobid.com
cs-server-s2s.yellowblue.io
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 cms.quantserve.com 2 redirects
2 id.rlcdn.com onetag-sys.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 dis.criteo.com 2 redirects
2 cdn.doubleverify.com a.teads.tv
www.bg3.co
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 ad.ad-srv.net 1 redirects tm.ad-srv.net
2 pixel.tapad.com 1 redirects www.bg3.co
2 capi.connatix.com 1 redirects www.bg3.co
2 s1.adform.net track.adform.net
s1.adform.net
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 prebid.smilewanted.com cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
1 rr3---sn-1gi7znek.googlevideo.com www.bg3.co
1 stags.bluekai.com www.bg3.co
1 tpsc-ew1.doubleverify.com cdn.doubleverify.com
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 rtb.gumgum.com g2.gumgum.com
1 cm.adform.net 1 redirects
1 cs.media.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 ct.conrad.ch hal90008.redintelligence.net
1 id5-sync.com ssbsync.smartadserver.com
1 tps.doubleverify.com cdn.doubleverify.com
1 trace.mediago.io 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 t23.intelliad.de googleads.g.doubleclick.net
1 www.conrad.ch hal90008.redintelligence.net
1 hbx.media.net 1 redirects
1 sync.technoratimedia.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 eu-u.openx.net adpushup-d.openx.net
1 static.smilewanted.com csync.smilewanted.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 sync.springserve.com sync.teads.tv
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 s8t.teads.tv www.bg3.co
1 s0.2mdn.net imasdk.googleapis.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 cdn.contentspread.net ad.ad-srv.net
1 cds.taboola.com cdn.taboola.com
1 ad13.ad-srv.net ad.ad-srv.net
1 smartphoto-media.com ad.ad-srv.net
1 pips.taboola.com cdn.taboola.com
1 sync.taboola.com am-match.taboola.com
1 vidstatb.taboola.com www.bg3.co
1 hb.yahoo.net www.bg3.co
1 live.primis.tech www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 vjs.zencdn.net cdn.unibotscdn.com
1 tm.ad-srv.net www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 28b80d983001049884fdc6317880bd6b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 imprammp.taboola.com vidstat.taboola.com
1 rules.quantcount.com secure.quantserve.com
1 pro.ip-api.com cdn.unibotscdn.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 cdn.socket.io cdn.unibotscdn.com
1 socket.unibots.in cdn.unibotscdn.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync.go.sonobi.com Failed public.servenobid.com
googleads.g.doubleclick.net
0 static.bg3.co Failed www.bg3.co
608 215
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
socket.unibots.in
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
cdn.socket.io
Amazon RSA 2048 M03		 2023-10-22 -
2024-11-17		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ad-srv.net
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
www.conrad.ch
Cloudflare Inc ECC CA-3		 2023-03-17 -
2024-03-16		 a year crt.sh
*.intelliad.de
Thawte TLS RSA CA G1		 2023-07-31 -
2024-08-30		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh

This page contains 109 frames:

Primary Page: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Frame ID: D502CDB2F2DA7A955F967ED16278C535
Requests: 222 HTTP requests in this frame

Frame: https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50BB232D79F4BCACD52F5811292AE142
Requests: 1 HTTP requests in this frame

Frame: https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50016295B607B80716481BE125CE1E39
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=54110933;rtbwp=ZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA;rtbdata=YuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB&num=1&sig=AOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ&client=ca-pub-8933329999391104&adurl=
Frame ID: 413931DA052CB2981E30A0E01A8B459F
Requests: 10 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 36F05CD8FC293B7AB38AFF0AF27A07C9
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 610A28BB48897F3AB74E39643FB015A9
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2B4BBCFF757542F43D2B163E7FCFD41E
Requests: 6 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&cmcv=&pix=undefined&cb=1700481258413&uv=3358&tms=1700481258413&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5bda4c65-405d-40bf-803d-9dedf0506d8c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9C6DEDF8ED079D60A3640ECDE188F0C3
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 96CD9288F7E0F94189C93211DE8B3D53
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 6EC898E7542C40EE83BE6C215B07FE97
Requests: 3 HTTP requests in this frame

Frame: https://28b80d983001049884fdc6317880bd6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A7B0D03D24D88750B9FF5FD0A4D8DE62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: BC5EB3AF623D700480FFC99E11E2F9E4
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D10547063428376A6A0DA7A354F46AE1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 71651F4CD71D0D3EC9BF8CF05C86278D
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7-FHwJc3Tfl80Y-h1aIH96SYBVlkPhR5OCzUOT5kuGdWIlja-KxGKyM3tmA87PIbS7UZHxeeEVXbVf8Hbf2rlI-tUXWJIl3rgKn0MGC3RAgnjtWsI2yQj8vtLevjXYdOfN8nT7o1ADIF321bON3ATWC8ROQNB_J5b7_5tJDihlTCtrTw8sDfxyggCfD1F4qGLKGRg2XVKJhDkFU_aic_eyy89cwLEWJo2MYsku3R63n6SQNIuV2GDMuRx9apHdAJxtisif_EGyfG1Ni1IOjcJkelnmtoEJhCTgkYwD8rtLM-ZcLLqzpyFo9IUJiPUsOsyip8KbkynizHlwuLPaM7d4Osiyebg&sai=AMfl-YRW6t8FgQdL2IRuZJkS-Ac_DlVsQgsis1wApfG5PVMQsY4FtEwvJkL5qK0EsDV6NgbODVpk-yyQeYeptOUeY8LMcJZQeSZ0k_Pxrj8x_bKSJRRFc_N1Aa7LbQQ4jQ&sig=Cg0ArKJSzE5heiqTpQOkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 15E6DE5A0E176AD1658AE8049498DB27
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: E5ADB6C57D0124EFAD78DD946B6B5831
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Frame ID: EC05D5279DF3F18B1D02CDD01BDF3018
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Frame ID: 14C28C27F7C1C8F9FB43111AD170C7E3
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0A76D7F225C67CD15631BA602F3FC54
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0649A3C09EF46B06A135535E9ADD42A
Requests: 2 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2965111&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=23871800065761004452326012514013&gdpr=&gdpr_consent=
Frame ID: 64DB5EDA7F51E5EE56F3D5FB302EEBC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWcLfkXtMG9yfK2uT9U5yCcrOBA1hPQ7i4CXtvQO6IaE8vRvzpYt4Cojc0MB_foP4vbST71AtImxl-0mJOt6Xr11L8p1w
Frame ID: 4A08C1959E592A0C1029D5CE2BCF5533
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 0BA76AD13FD57069BC91E73860A68735
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A638282A7729BDF173F29BE6FDF875AB
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Frame ID: EC6A24C7DBB9EA1B851CDC2626D87EBD
Requests: 12 HTTP requests in this frame

Frame: https://s8t.teads.tv/creative-bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79/performance-image-dco-14648014-a7bd-4daa-918c-76e92e2cad3c.jpg
Frame ID: 3FAFABB141E93F781B848860954B32B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 37944A27C2E0FAB12996F1D564A1A6BB
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: DADC21963C893FAB72A3675B1195631E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: CAD0A42095AF1F3D23D037FFC4CAA96F
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: 50C693A91F5DCB32194E96E78CCF74F7
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0A4D028ABEE3789ACA82217969F3022C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 81CF11494A507AFAC7891AEAEB0D5341
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0794E0065A06B9CE639A320F0E114CBF
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700481258438
Frame ID: A27FD77EDB4E0CB8FB1CD406C0D214FE
Requests: 15 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9748A330B836A50D7696F0151ED99B51
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 210F061EAB24CA2C75B53B0A1CF3516A
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 810C259B0AE5CD1AC97CCF426F3CE2DB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4951.js
Frame ID: 471E1BCA54699D86A79A1CC23A8663EB
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: DFD94D2B9AAFABA66DEE9AFD15278498
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C8ABC7040CD8A035477A92FC829D1F0C
Requests: 16 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 99F6C5527F3D9BE768C8708D25DCFDB7
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E1410389E9CA3FDF53D7C5BE74E200C0
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: E0AA5A5E45EC118327983FAAAE625510
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 48C62613EA35EB59A220C0B3BB5E56A6
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 64D589ADD7EF2AE479A5BBD7D6F02922
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 0F43CB0732B11EE1AC196B988F00B6A3
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: B5696C588C50205E2A15F61DF8AFD911
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 283763C57EE3252CC2B2C0D0AD843EEF
Requests: 10 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?awc=11467_414915_1700481262_8b6cd470-879b-11ee-92fe-22394270969d&insert=AW&gdpr=&gdpr_consent=
Frame ID: 7896072C7885B10A09F42B37DC9CD53B
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=55866900078198704438458012514008&pv=1
Frame ID: 87DD0F5A976F667649FC3573DA6225A9
Requests: 1 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
Frame ID: 375695BA09BF08CDC402D333329890CA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54F796791E5F0384B36A0AC0DA754761
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 805D1E173DFBCD0605FC78C36B0D34E9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1703576616450435731
Frame ID: A4A30A9E2C025B936EF695892ABF770E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7474076783371387213
Frame ID: EB789A15C3C93B757EB2446A6F021340
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP6UMWJB-1L-S8I?gdpr=0
Frame ID: 235C48264686D9AAB6AA5CF1C43B7919
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: B2F0A99A2B8C84EC2045A9F8AA272A83
Requests: 6 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/e15db571-bef7-4663-8073-3076ef359599&partner_id=1010
Frame ID: 9D39ED36C3DA06EC3DDDE0A43970EB51
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/0c1f6902-292a-0562-3b8a-009e1c36ddff
Frame ID: 49FF1F17D80C5B3C4942708BD674C742
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: A33D4188527BBEEED8F1985E1A874ED9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4117521118395718454
Frame ID: A08022D9778F7FDA22E7CC9C34175EF6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=4117521118395718454&gdpr=0&gdpr_consent=
Frame ID: 711604167B74FF90FD90F25D4F921485
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YWMyMzQyNy0zNmM1LTRmNTMtYjBmNS0zMTAyNzM2ZmRkMTk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: C5E2A306F0F439C90984B474A4E9ED7A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: AC8FEA32B824E78684C171C6BC358B98
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 1F0D08C20978E11FDBB7BFF1377FDD91
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM?pi=smilewanted&tc=1
Frame ID: C1EFEEC69DADBF849C0263A459E35445
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 3BF05D39F64579EC52E0F674DD2ED881
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVtI8MCo8XsAAATsBpAAAAAA
Frame ID: 7171120FEB0C0362F46C5ADAA7B69F57
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM&pi=gumgum&tc=1
Frame ID: B82B0096CEEA393B17BC6F76158CBB28
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: EF6F1E841405FF840FDB76EBC2EB35DA
Requests: 4 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 687D171049A9814EE970E48F375E29EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 9E86CCFC52FD61F41713E0F57462D61E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E&redir=true&gdpr=0&gdpr_consent=
Frame ID: 7F51D4D2201BC88E63A84CC8EE9EC8FD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6
Frame ID: EA2FA4BA4DD53923889CF7E018059FC4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7474076783371387213&gdpr=0&gdpr_consent=
Frame ID: 849FEC70797D698B7F4AB5CA352BBD38
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303511412063664278&gdpr=0&gdpr_consent=
Frame ID: 7990F6BF12FACB268D85B41D7D0773E5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UnXRTK0nUb9TuntEpBAV0VXD8Bw&gdpr=0&gdpr_consent=
Frame ID: 494F15CAB673AC9B442957B2C998CD8D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 60B74BA40D87DA827064C1A8C5DC5DFE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADaS07KtpIAABQ8zLmq8A&gdpr=0&gdpr_consent=
Frame ID: 41FD32652E633B0D312C0A7F75E20AE9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU46c4162635e74bf0accfc7489ba82f87
Frame ID: AC9888A73539A92AB6862FD130F98BF5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 9FA09B9687B0AE86578B627BACB9924A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVtI7wABCfk8agBd
Frame ID: 3743DA552D493432C22615E548C7F0A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 35FF4F750B1907BE149D1E915CF2BBBB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9A281A3431A93ACE8337ECACF0C07265
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7DB2757CFA9AD730E1BF0B363A91B8E0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6979124475729010895
Frame ID: 39E5EB983FAE2F72E8D530DBCBAE3472
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831084973692
Frame ID: 436DCD120520F164BA2D73FE1154ED02
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A2B0EE29F220392A09D8AF5710A453F7
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: A4E0621CC589BB534566E284F51D5CC5
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: C995D1CC240AE13EBC2D66C898046B29
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Frame ID: 6CA54983F045BC3833A3FECF4A59D63C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD4F181035CA51C6BD89C1CEBE5427C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 18A754B07F85309220A6FDEB37C5D2B8
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
Frame ID: C75FAD7B195B106F880ADBFEA35415E1
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 088601FFDAA6583FECAB3FBCF51DE8EC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JabSgUXhahYTMaXgT&gdpr=0&gdpr_consent=
Frame ID: 622256185A6497121D1EAA11130CF147
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 420B8A88D6A5F644CC44FD5712893BD7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
Frame ID: FED6979461DB185B25EBEF3C32A8B161
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7763854331
Frame ID: B8C96C96DDDDB718EF40D462AA497C0A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/4183471A-AE64-47F0-9BED-A2E4BE6A654E
Frame ID: 235F66AACEDC70A118C506D1430384EE
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
Frame ID: 99D3DE9D7D21F3E0159D4AD60EB9BF71
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 369A93D83CFEF0690B93D57E5D8F3478
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTTVbRhWVnTXRQYT&gdpr=0&gdpr_consent=
Frame ID: 4A4B930FD30C6B5F756702E02E23BAD3
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 47281EC6646672C2DDC9A2C39FC467F9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
Frame ID: 0341B7FD2F60CB39049FE1D339D7DA2D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7028293210
Frame ID: 25BAB71877E77DCBAB55547A94BD8F5F
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Frame ID: 9A76F1B162499A4C292E9EBF4C00042A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Frame ID: CEA7081D9B287B6A4B239DFC13C5820E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Frame ID: 1B7B6C7657BAFABEA9A0AEF212AB619D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

是你嗎?北市熊好券提早發放 11位幸運兒中5張券爽拿3000 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

608
Requests

75 %
HTTPS

0 %
IPv6

126
Domains

215
Subdomains

139
IPs

16
Countries

8567 kB
Transfer

18999 kB
Size

198
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 137
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 138
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/85cafe20-f5eb-38ad-8f29-8901d274b545?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ggZQqjBE2oX53zT8UV_N1D1cmLohAo6xYzKP5BE-~A&redirect=
Request Chain 202
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP6UMWJB-1L-S8I HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP6UMWJB-1L-S8I
Request Chain 207
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nzpJ9s0AQj6UJPBz4TxKeQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nzpJ9s0AQj6UJPBz4TxKeQ
Request Chain 209
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP6UMWJB-1L-S8I
Request Chain 210
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UD2SBWEzQuaLdd15GObGTA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UD2SBWEzQuaLdd15GObGTA
Request Chain 211
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/folwx5t5RtABbP9WiWp4yw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-y9sqFgpE2oJJ5i.v6SazP9Sq_Q1DHYzNRGVlYw--~A
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP6UMWJB-1L-S8I&ex=d-rubiconproject.com&status=ok
Request Chain 213
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcwZjBkMmRlOWI1ZDY5MDhmMmEwYjZlOWM2MzM2OGRlYTIwNGQyOA
Request Chain 214
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA2VU1XSkItMUwtUzhJ HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQQIvjSEwwtEm4QX0tCESk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMl5QwV2SmtKIITt-6K6Ues&google_cver=1
Request Chain 216
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADaS07KtpIAABQ8zLmq8A&expires=30
Request Chain 217
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LP6UMWJB-1L-S8I
Request Chain 218
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP6UMWJB-1L-S8I&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP6UMWJB-1L-S8I&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 219
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP6UMWJB-1L-S8I
Request Chain 220
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP6UMWJB-1L-S8I
Request Chain 221
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP6UMWJB-1L-S8I HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP6UMWJB-1L-S8I
Request Chain 222
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP6UMWJB-1L-S8I&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP6UMWJB-1L-S8I&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xalJ0OEVWRTJ1RzNqaDU2ajc4eU1WcG9KR0NzRVRzWX5B&ovsid=LP6UMWJB-1L-S8I&dpid=58160
Request Chain 245
  • https://pr-bh.ybp.yahoo.com/sync/taboola/80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-DqYbUdhE2oTP8qtFc9W1ugsJPXRmfs0zS0F47w--~A
Request Chain 252
  • https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Request Chain 266
  • https://www.awin1.com/cshow.php?s=2965111&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=23871800065761004452326012514013&gdpr=&gdpr_consent= HTTP 302
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-336x280-px.jpg
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1&C=1
Request Chain 296
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVtI7K260X9zfc-X-dAvRwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1
Request Chain 319
  • https://ad.doubleclick.net/ddm/trackimp/N1003055.279382DBMAMQDAIMLERSWI4/B30857771.379386518;dc_trk_aid=570606495;dc_trk_cid=203641274;ord=1700481260778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1003055.279382DBMAMQDAIMLERSWI4/B30857771.379386518;dc_pre=COrhmKzC0oIDFVeXgwcdrusEXA;dc_trk_aid=570606495;dc_trk_cid=203641274;ord=1700481260778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 323
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700481261342 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGFkZGU0OWQtZGU1YS00YjVkLWE4MjktZmFlYmM4NmQzMzVj
Request Chain 325
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700481261342 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=cf3e3e33-bb23-4edf-a138-da3a704b9cdc&gdpr=0
Request Chain 326
  • https://pr-bh.ybp.yahoo.com/sync/teads/8adde49d-de5a-4b5d-a829-faebc86d335c?gdpr=0&_t=1700481261342 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-FAjcWzlE2oQofoj_mpv_EHrO.N.ZRUVEi1M-~A
Request Chain 329
  • https://idsync.rlcdn.com/474599.gif?partner_uid=8adde49d-de5a-4b5d-a829-faebc86d335c_ch&_t=1700481261342 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzhhZGRlNDlkLWRlNWEtNGI1ZC1hODI5LWZhZWJjODZkMzM1Y19jaBAAGg0I7ZHtqgYSBQjoBxAAQgBKAA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAaRv-E1YScBpMXo852rzmU&google_cver=1
Request Chain 332
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=1700481261342 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=8adde49d-de5a-4b5d-a829-faebc86d335c
Request Chain 333
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700481261342 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OGFkZGU0OWQtZGU1YS00YjVkLWE4MjktZmFlYmM4NmQzMzVj HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 337
  • https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6478889498877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6478889498877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 345
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 357
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5727349930025682732
Request Chain 358
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=89559b98dd2b11e3937e6453dfad7ac7&gdpr_consent=&gdpr=1
Request Chain 360
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU4UtLh8nXUE6x_QTNFjr_fnQceKenGQ
Request Chain 363
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
Request Chain 372
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 373
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbwZzaboGQvx6AwMZboMzqVoDEvm_08MpP8Kws3
Request Chain 374
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4117521118395718454
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBHhuCUauyIKFBtYPjCJ8uI&google_cver=1
Request Chain 383
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 388
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7474076783371387213
Request Chain 389
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HsAqvRZHqZL_pNejT3SGL5gs
Request Chain 391
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700481262602 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8535608598 HTTP 302
  • https://sync.1rx.io/usersync/turn/9008654770673040851?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003
Request Chain 392
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210828243336249
Request Chain 394
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 395
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
Request Chain 396
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-21bf0895-e317-3c53-877e-44c5746bd37b&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IyAiIdOAE=&gdpr=&gdpr_consent=&us_privacy= HTTP 307
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IyAiIdOAE= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IyAiIdOAI=%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=29&buyeruid=8S1oQI9hAMEP&r=Cid1YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IyAiIdOAI=&gdpr=&gdpr_consent=&ev=1&us_privacy=&pid=562894 HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-21bf0895-e317-3c53-877e-44c5746bd37b
Request Chain 397
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
Request Chain 399
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 403
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=55866900078198704438458012514008&pv=1 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1700481262_8b6cd470-879b-11ee-92fe-22394270969d&insert=AW&gdpr=&gdpr_consent=
Request Chain 412
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU45G_VKCNOgu4MyNmZT-OT1Q29jq7gA
Request Chain 414
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LP6UMWJB-1L-S8I&gdpr=0
Request Chain 415
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7474076783371387213
Request Chain 416
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
Request Chain 417
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1703576616450435731
Request Chain 419
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SUNmv8MeOZzj1OURt-HXkjbLM8kO2PZ9r3sKMEFFPnI
Request Chain 420
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE4MzQ3MUEtQUU2NC00N0YwLTlCRUQtQTJFNEJFNkE2NTRF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
Request Chain 422
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
Request Chain 424
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Request Chain 426
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f87a751a0d4c4ec99feb3fc873cbf8f1 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f87a751a-0d4c-4ec9-9feb-3fc873cbf8f1 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=85718b52-9398-4014-ba2d-4404aaf88991%3A1700481263.6458466&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D85718b52-9398-4014-ba2d-4404aaf88991%253A1700481263.6458466%26_%3D1700481263.6475616&cb=1700481263.6475928 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831084973692&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D85718b52-9398-4014-ba2d-4404aaf88991%253A1700481263.6458466%26_%3D1700481263.6475616 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=85718b52-9398-4014-ba2d-4404aaf88991%3A1700481263.6458466&_=1700481263.6475616 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7474076783371387213
Request Chain 427
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7474076783371387213
Request Chain 429
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
Request Chain 430
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 433
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UnXRTK0nUb9TuntEpBAV0VXD8Bw
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECiLWZN5L0sH2bqDTns1V_o&google_cver=1
Request Chain 438
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f5a99019b750448fb580ed10ec55d97c HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 439
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8792481988559257043
Request Chain 440
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 441
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96999ebc24ab21fxv200lp6un036
Request Chain 442
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831084973692
Request Chain 444
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1703576616450435731
Request Chain 446
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7474076783371387213
Request Chain 448
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP6UMWJB-1L-S8I?gdpr=0
Request Chain 452
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e0a6361e-61c3-4eac-aa8c-3123c77fc06c&gdpr_consent=null&gdpr=0
Request Chain 453
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=49e8f2aa0ee5f7f46ea75408df45712c&gdpr=0&gdpr_consent=0
Request Chain 454
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=l7Kbz9cGdJ1a&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 456
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=55866900078198704438458012514008&pv=0 HTTP 302
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Request Chain 459
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7474076783371387213
Request Chain 460
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4ac23427-36c5-4f53-b0f5-3102736fdd19&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=6762e454-e412-4973-818b-489dcdb48b77&ssp=gumgum2&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 461
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=5e680fe4-315a-03aa-1a84-d79faada74cb
Request Chain 462
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-5275d14c-ad27-51bf-53ba-7b44a41015d1$ip$85.195.240.28
Request Chain 463
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-b4Jw6gtE2pf3KPIOeUVClpVPmNwZfhJ.yNXA~A
Request Chain 464
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=3d623962-00d1-4f7b-9ffd-91061e88e62a
Request Chain 466
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4ac23427-36c5-4f53-b0f5-3102736fdd19&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_4ac23427-36c5-4f53-b0f5-3102736fdd19&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=3Cdbz4nENmYghW6LyDZs&gdpr=0&us_privacy=1---
Request Chain 467
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=8S1oQI9hAMEP&ev=1&pid=558355
Request Chain 468
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1703576616450435731
Request Chain 470
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/e15db571-bef7-4663-8073-3076ef359599&partner_id=1010
Request Chain 471
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/0c1f6902-292a-0562-3b8a-009e1c36ddff
Request Chain 473
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGw8GoxlAAPwID5PwBAZ5k8&google_cver=1&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4Aw3lVe3sAl0C-nk1ZCSKjtCTEhOmkEyhylcdJYiSelKvWiSlwEV6JI_GH6VogrCuVhampdH HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGw8GoxlAAPwID5PwBAZ5k8&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4Aw3lVe3sAl0C-nk1ZCSKjtCTEhOmkEyhylcdJYiSelKvWiSlwEV6JI_GH6VogrCuVhampdH&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4Aw3lVe3sAl0C-nk1ZCSKjtCTEhOmkEyhylcdJYiSelKvWiSlwEV6JI_GH6VogrCuVhampdH&google_hm=M0NkYno0bkVObVlnaFc2THlEWnM=
Request Chain 474
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQQIvjSEwwtEm4QX0tCESk&google_cver=1&google_push=AXcoOmRHmzUS6nXmU4k08YLEAk_yizFoztOL4mLDot3OZ47kWrCrilgW-25SPXRvfhk2zeyMnwtGb0wq5c0fepZfBPW--ti5vYPAkXl3IvByPR_Pr5vphMCFCISUtMJ9w-VdhPadN6rp7pzqSgIvstt8pRE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=AXcoOmRHmzUS6nXmU4k08YLEAk_yizFoztOL4mLDot3OZ47kWrCrilgW-25SPXRvfhk2zeyMnwtGb0wq5c0fepZfBPW--ti5vYPAkXl3IvByPR_Pr5vphMCFCISUtMJ9w-VdhPadN6rp7pzqSgIvstt8pRE
Request Chain 476
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLRPR5gY-dSLhp1nG3zOhk&google_cver=1&google_push=AXcoOmTx5UnQwS6OGbXaPVMq3V_D5enyXffuQM-hYrJMyAsxMfcf5mMdvrAAVbIlJxJBfsWNl4V7HFW9VPZEF3OKyp_1l4CQGYttEK0HqjnmO5REzqZLDNhYrvzpSl-oXsSys_cgr3D2hd1f0oLBgrsDbms HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx5UnQwS6OGbXaPVMq3V_D5enyXffuQM-hYrJMyAsxMfcf5mMdvrAAVbIlJxJBfsWNl4V7HFW9VPZEF3OKyp_1l4CQGYttEK0HqjnmO5REzqZLDNhYrvzpSl-oXsSys_cgr3D2hd1f0oLBgrsDbms&google_hm=HsAqvRZHqZL_pNejT3SGL5gs
Request Chain 477
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENVuBgfAd9HF3s2Zpo1dvTY&google_cver=1&google_push=AXcoOmRAZmRtJAJ6Zrjo5mMOZ8Y3Hyx6qM79XzRo0PfkpnYWAZJSKbFAenLac3D4bkFQBO6CqgKMGRfP5LqKnlEGet992tf75Os99eFtI-xrzLO9dIsjQXme2EQE_zh-UBUhT9Yw6rP9G9a4yLt3KeGKMRVo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRAZmRtJAJ6Zrjo5mMOZ8Y3Hyx6qM79XzRo0PfkpnYWAZJSKbFAenLac3D4bkFQBO6CqgKMGRfP5LqKnlEGet992tf75Os99eFtI-xrzLO9dIsjQXme2EQE_zh-UBUhT9Yw6rP9G9a4yLt3KeGKMRVo&google_hm=M0ZIWVBycldXT3JlMms0UVp5OVo=
Request Chain 478
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEClPjxzFl3UVpCtlGijNoFY&google_cver=1&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1CUtc5KaeI4VOb12yD_4fWSRfkLru05xyayGokxn-xGU4dBy9mc5qyU7bcyLT_Y3AvKR50kG1OkcFENQqfc7rEvtq7UHeJBA7brQ48 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1CUtc5KaeI4VOb12yD_4fWSRfkLru05xyayGokxn-xGU4dBy9mc5qyU7bcyLT_Y3AvKR50kG1OkcFENQqfc7rEvtq7UHeJBA7brQ48&google_gid=CAESEClPjxzFl3UVpCtlGijNoFY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEzMjI0NTg4ODI5ODA1MTQ0MDIxMQ%3D%3D&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1CUtc5KaeI4VOb12yD_4fWSRfkLru05xyayGokxn-xGU4dBy9mc5qyU7bcyLT_Y3AvKR50kG1OkcFENQqfc7rEvtq7UHeJBA7brQ48
Request Chain 479
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDtIheIhcxRWk7CfTEvJb2o&google_cver=1&google_push=AXcoOmR7LNHsO7u2WEw1oLAXfFE15Jl3A26msNtXH-jGZNO_jlWLvaZEg1KL5ZCrVOps1qxidECh4SbfAmqnHmvgK1T4P63Xnb3GAhtr-lWPib5pVScoMCm82iKNwpwBelO_a3hig397_3D65ZRf41TcTaMa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&mn_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR7LNHsO7u2WEw1oLAXfFE15Jl3A26msNtXH-jGZNO_jlWLvaZEg1KL5ZCrVOps1qxidECh4SbfAmqnHmvgK1T4P63Xnb3GAhtr-lWPib5pVScoMCm82iKNwpwBelO_a3hig397_3D65ZRf41TcTaMa&gdpr=&gdpr_consent=
Request Chain 481
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4117521118395718454
Request Chain 483
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Request Chain 484
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=49e8f2aa0ee5f7f46ea75408df45712c
Request Chain 485
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVtI7K260X9zfc-X-dAvRwAA%262205
Request Chain 486
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=300c4990-66dd-04a8-0567-de852289ff68
Request Chain 487
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 489
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3132245888298051440211
Request Chain 492
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=4117521118395718454&gdpr=0&gdpr_consent=
Request Chain 495
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 496
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM?pi=smilewanted&tc=1
Request Chain 498
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
Request Chain 500
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Request Chain 503
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVtI8MCo8XsAAATsBpAAAAAA
Request Chain 504
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM&pi=gumgum&tc=1
Request Chain 505
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 507
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP6UMWJB-1L-S8I HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LP6UMWJB-1L-S8I
Request Chain 516
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 518
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6
Request Chain 519
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7474076783371387213&gdpr=0&gdpr_consent=
Request Chain 520
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303511412063664278&gdpr=0&gdpr_consent=
Request Chain 521
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UnXRTK0nUb9TuntEpBAV0VXD8Bw&gdpr=0&gdpr_consent=
Request Chain 522
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=73ace345-1c47-4cb4-b6b4-120dbea4e5a8&ssp=pubmatic&expires=30&user_group=5&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 523
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEYVMwN0t0cElBQUJROHpMbXE4QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADaS07KtpIAABQ8zLmq8A&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1703576616450435731&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADaS07KtpIAABQ8zLmq8A&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1703576616450435731%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1703576616450435731&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADaS07KtpIAABQ8zLmq8A&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADaS07KtpIAABQ8zLmq8A&gdpr=0&gdpr_consent=
Request Chain 524
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU46c4162635e74bf0accfc7489ba82f87
Request Chain 525
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 526
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVtI7wABCfk8agBd
Request Chain 527
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 530
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6979124475729010895
Request Chain 531
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831084973692
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QYNHGq5kR_Cb7aLkvmplTg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 537
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=&ct=y
Request Chain 538
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1378167832
Request Chain 539
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWYyZXdwNGhjcmFSS0NaZlhCeGtLNEtEUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4117521118395718454&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 540
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKM539-nEtZRjAXRY3UskM&google_cver=1
Request Chain 541
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238
Request Chain 542
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4117521118395718454
Request Chain 544
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-U0rDybFE2uXoSDSzq3azJk0z_bcZ6is-~A&gdpr=0
Request Chain 546
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b35772a-07a0-48b1-a6ad-b17e27b836f3-655b48ef-4348&gdpr=0&gdpr_consent=
Request Chain 547
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1fc6b934b7bf1848&is_secure=true&networkId=17100&version=1&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItEm7Y8jAUQNrKplkAAAAAAA&expiration=1700567664&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 548
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8792481988559257043&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 549
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d80d9c84-e311-4d24-bf5e-5fa7f88f02dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 554
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP6UMWJB-1L-S8I HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LP6UMWJB-1L-S8I
Request Chain 582
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 583
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JabSgUXhahYTMaXgT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d2a4031059ec0e3e6fe317187fe9f6e0&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JabSgUXhahYTMaXgT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JabSgUXhahYTMaXgT&gdpr=0&gdpr_consent=
Request Chain 585
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
Request Chain 586
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7763854331
Request Chain 589
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 590
  • https://pixel.onaudience.com/?partner=214&mapped=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0753012b7cfe28d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d2a4031059ec0e3e6fe317187fe9f6e0&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=66a9c5df6a2cdba4
Request Chain 593
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 594
  • https://pixel.onaudience.com/?partner=214&mapped=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 596
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 597
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=377519b45e729d37/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYTTVbRhWVnTXRQYT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d2a4031059ec0e3e6fe317187fe9f6e0&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYTTVbRhWVnTXRQYT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTTVbRhWVnTXRQYT&gdpr=0&gdpr_consent=
Request Chain 599
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
Request Chain 600
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7028293210

608 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
www.bg3.co/a/ 		54 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
07d05f49f77edc8afaf4851de46fb5ca37642a32365a68476080636ef4920f70

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:15 GMT
etag
"d77a-eWK5Hu1MbD+DxWTNGkG8edNv8JA"
expires
Mon, 20 Nov 2023 11:55:15 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 20 Nov 2023 11:54:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Nov 2023 11:54:16 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 20 Nov 2023 11:54:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Nov 2023 11:54:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c61e16d99a89f1a95eba2829ab592e0c12e843172af659fe54adb6ea3be85ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30390
x-xss-protection
0
server
cafe
etag
309 / 19681 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:16 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2c93b3d2c96c411fb1dc225167c458da263b9247bd0f3a9409a919a31138294a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91441
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 11:54:16 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 12:16:54 GMT
server
cloudflare
age
35681
etag
W/"655759b6-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
82907f4b4fee2a33-CDG
expires
Mon, 20 Nov 2023 13:59:35 GMT
adRecover.js
delivery.adrecover.com/43519/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
8b6f510c76d49c6b1f3ce31698a30b4ae9aa10b553c3c8306de4366eb42e012c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
br
age
10765
x-cache
HIT
x-client-device
desktop
content-length
11412
x-ap-device
DESKTOP
last-modified
Mon, 20 Nov 2023 07:59:29 GMT
server
ECAcc (frc/4CF4)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Mon, 20 Nov 2023 12:54:16 GMT
adpushup.js
cdn.adpushup.com/42753/ 		758 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
71f4499efa56831796e734d4e39cbc3943f9cc94d43498ae41b4cf7a85c15583

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
br
age
10765
x-cache
HIT
x-client-device
desktop
content-length
159658
x-ap-device
DESKTOP
last-modified
Mon, 20 Nov 2023 02:47:39 GMT
server
ECAcc (frc/4CC5)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Mon, 20 Nov 2023 12:54:16 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e64d2ade9c3241f90069e1052f604316d35e3948084b463b7f04597c78bda549

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ixDldmngqdPWN3JXowNINEeS5_KIZyyi
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:16 GMT
x-amz-request-id
MPT6G9PDYTR0XSXY
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
56769
x-amz-id-2
9aJdiLn64IeMOAGknim+V7QUKvj7Qt4Q1TDM8dOmq9Qd3YasFA/zOClCEPh6UIl6wLsrFWtQTy8=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:46:17 GMT
server
AmazonS3
x-timer
S1700481256.224092,VS0,VE115
etag
"b10ea134d4565f7a3583d7b9453839f6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7354
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FjrpG0PBO%2FRIWiapQpyBZ2RqA7s1gwr2n%2FIX5%2BJcSGNxaqd8e6mPXJcgJJJPppW3y5gF01TfKR0UfcTrThNwogOTJjufRy4yxGEVN46fUriL0RFaLMxa4axHxM1SgDw8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
82907f51ff197015-CDG

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		331 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
6c8d47a6034307bb944699be960a5da5d005fd156cfd230c8ec261707e07d87e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-663
cdn-cachedat
11/16/2023 07:44:49
cdn-pullzone
873945
last-modified
Thu, 16 Nov 2023 07:43:37 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6555c829-52a84"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
83f5118c1028db02dfd20b4c3e57be73
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
t.php
c.statcounter.com/ 		192 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=ECD3169F087E4FA2D1591EFFDA2CF845&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&t=%E6%98%AF%E4%BD%A0%E5%97%8E%EF%BC%9F%E5%8C%97%E5%B8%82%E7%86%8A%E5%A5%BD%E5%88%B8%E6%8F%90%E6%97%A9%E7%99%BC%E6%94%BE%E3%80%8011%E4%BD%8D%E5%B9%B8%E9%81%8B%E5%85%92%E4%B8%AD5%E5%BC%B5%E5%88%B8%E7%88%BD%E6%8B%BF3000%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2578&sc_rum_e_e=2583&sc_rum_f_s=0&sc_rum_f_e=2574&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
82907f4bd9552a33-CDG
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5680625
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-vie6379-VIE
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700481257.768332,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
36, 41022
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5243156
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-vie6379-VIE
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700481257.768315,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
8, 546803
impl.20231119-2-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ea8b99401dbe358a299402c6d93400c1bbaccf061c343f651950717ed4ae74bd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
L8XnUWUdgXKDPfsPCTqj1NjPFkGIuILq
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:16 GMT
x-amz-request-id
M16Q1VZDRCDR92JN
age
5594
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173677
x-amz-id-2
TqFLi+lFnp+7phbgZXrtA+bt8x4gM9ZXNUB1fMnaTuGU4QyZ/3RsTGUq3/RHNmuISXARIL7O5Z4=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:12:49 GMT
server
AmazonS3-br
x-timer
S1700481257.502995,VS0,VE0
etag
"be90bfec9df6ae52244316dc8e7902bc"
vary
Accept-Encoding
content-type
application/javascript
abp
18
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
24408
2bf882849e3465db1eb55a718fa91639.jpg
static.bg3.co/imgs/202111/ 		0
0
9436781df30adda9cc1ad7f81ab6f203.jpg
static.bg3.co/imgs/202309/ 		0
0
62e76284948495397491fd259a83a640.jpg
static.bg3.co/imgs/202112/ 		0
0
58d0d4e5ac25132e2b1f1cad91b26d52.jpg
static.bg3.co/imgs/202109/ 		0
0
28273d5d9d6990579d63c5f67caf162a.jpg
static.bg3.co/imgs/202309/ 		0
0
f7d23c997f931c0ea6b7cd23bd0a74cc.jpg
static.bg3.co/imgs/202203/ 		0
0
2bf882849e3465db1eb55a718fa91639.jpg
static.bg3.co/imgs/202201/ 		0
0
ee089dea41efa1cf49df83e5e893180c.jpg
static.bg3.co/imgs/202112/ 		0
0
cde17d7cb7036a83dddb8ced87e2eef9.jpg
static.bg3.co/imgs/202111/ 		0
0
33f5b5b37777a7593e07e026d1e3ac50.jpg
static.bg3.co/imgs/202106/ 		0
0
60dd441d9d3f3bb2c5f2879e82d4cbdb.jpg
static.bg3.co/imgs/202111/ 		0
0
181e1e1719a83efe37f9f1648972aab1.jpg
static.bg3.co/imgs/202310/ 		0
0
30b15266f952e1e27fdfff0462ab340a.jpg
static.bg3.co/imgs/202110/ 		0
0
5bd01fceddc112c377fe58f03ceffea8.jpg
static.bg3.co/imgs/202112/ 		0
0
b00ad1e581647b85b22d63f4a80162c3.jpg
static.bg3.co/imgs/202111/ 		0
0
ec275d6dc73e90f39946e53d0c9228d8.jpg
static.bg3.co/imgs/202309/ 		0
0
1e77e81eb96db75da4615d8e00368945.jpg
static.bg3.co/imgs/202310/ 		0
0
9acaddc229779614bccd63aa38e17f02.jpg
static.bg3.co/imgs/202309/ 		0
0
14ad466621d64ee27504f558ba4d2fce.jpg
static.bg3.co/imgs/202106/ 		0
0
e4a4daccb980b8f00615a45d476b3e2d.jpg
static.bg3.co/imgs/202310/ 		0
0
c1c0730bf13ee13dd8f4eb6859d356ca.jpg
static.bg3.co/imgs/202310/ 		0
0
ad1e9ececa31411bb33077d541532f95.jpg
static.bg3.co/imgs/202309/ 		0
0
1e1d2f5e724af6a21a29b811732a5bf7.jpg
static.bg3.co/imgs/202105/ 		0
0
5e0085d69a88e650cfe07b39796e70ce.jpg
static.bg3.co/imgs/202110/ 		0
0
45b27ea2ff34ce70865ae030e3c3277d.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 Nov 2023 05:32:45 GMT
age
195692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Nov 2024 05:32:45 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 04:39:45 GMT
age
285272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 04:39:45 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
237272
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		75 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=12%3A54%3A16.798&lti=deflated&data=%7B%22id%22%3A572%2C%22ii%22%3A%22%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700390770373%2C%22vi%22%3A1700481256788%2C%22cv%22%3A%2220231119-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html%22%2C%22vpi%22%3A%22%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3527%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1994.8125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
21618801ecedac8df5d9817f96991e6490f1e45c1d110261d3f2e86edd3bddff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
457
date
Mon, 20 Nov 2023 11:54:17 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.1802083333333333
x-fastly-to-nlb-rtt
80067
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-vie6362-VIE
x-log-content-encoding
gzip
server
nginx
x-timer
S1700481257.826223,VS0,VE457
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 20:58:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
53734
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 18 Nov 2024 20:58:42 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700481256110&gcd=11l1l1l1l1&dma=0&cid=861161258.1700481257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700481256&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&dt=%E6%98%AF%E4%BD%A0%E5%97%8E%EF%BC%9F%E5%8C%97%E5%B8%82%E7%86%8A%E5%A5%BD%E5%88%B8%E6%8F%90%E6%97%A9%E7%99%BC%E6%94%BE%E3%80%8011%E4%BD%8D%E5%B9%B8%E9%81%8B%E5%85%92%E4%B8%AD5%E5%BC%B5%E5%88%B8%E7%88%BD%E6%8B%BF3000%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3357
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.144.5.218 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
139-144-5-218.ip.linodeusercontent.com
Software
/ Express
Resource Hash
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 11:54:17 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3737
etag
W/"e99-DlD8MarDyco2rkZchfDXSV4nBa4"
content-type
application/json; charset=utf-8
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-170.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8E) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 11:54:17 GMT
content-encoding
br
age
1479723
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (frc/4C8E)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 11:54:17 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 11:54:17 GMT
content-encoding
br
age
6655076
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (frc/4CD4)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 11:54:17 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-170.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 20 Nov 2023 11:54:17 GMT
content-encoding
br
age
5767873
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (frc/4D07)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 11:54:17 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA0ODEyNTcxNjIsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoaS1uaS1tYS1iZWktc2hpLXhpb25nLWhhby1xdWFuLXRpLXphby1mYS1mYW5nLTExd2VpLXhpbmcteXVuLWVyLXpob25nLTV6aGFuZy1xdWFuLXNodWFuZy1uYS0zMDAwLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=3493
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1700481257360
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 19 Nov 2024 11:54:17 GMT
date
Mon, 20 Nov 2023 11:54:17 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
8211533
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
floating-unit.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c268ab113a7d52033e7c4d86907523f1c4f504b82de84d67774bb7be6046833

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
f5TLypaBZ8lJRIMT310FZeEW5XPktfVb
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
3W8A9K0BZSYQ9TQB
age
91805
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2493
x-amz-id-2
yEBiUdHCqs6UeiLjHgSW7EyEgvJj60pZFnGejLFyOxG+xrmy7KdSw73U9ScsFbiWaMbL912TqNo=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:24:10 GMT
server
AmazonS3
x-timer
S1700481257.406861,VS0,VE0
etag
"cd33eb56105822c6f9696b456d31016d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22999
taboola-vignette-new-scanning.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc0a1cb7f121c79e5d263d4b826802abf870db94b2f85e3fe6d399190d3a428f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5tXlezIL4oRcd5b2glRfU6sBT_V.NwUY
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
CVQ9A18ZE2JY5BXW
age
91838
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
fe8B67kqRITUsfAPwmAaSjGawOKdp4Qpx6VUTyMrs8pA+QgOuoBMTO8MShLIXj7CS+hvPOOqkY4=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:23:36 GMT
server
AmazonS3
x-timer
S1700481257.424141,VS0,VE0
etag
"b21c15233ac0d158e8fdba6b09302eff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
19181
distance-from-article.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a38aeba19257175b7386fef7772d3955118373a352dc8fb0af8e620ec48bb59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
T9kvjKY3qlmER3uKUAPOH2UFj7sT6Ozu
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
VDRB5RN68HEVH4S2
age
91788
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
02o64Kgwnl/bXgKoT+7o77JLDhK9EK37TAevY88+VqhLEAbXPKsEtpm9GU63J1YvBq7ONUfuduk=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:24:28 GMT
server
AmazonS3
x-timer
S1700481257.437272,VS0,VE0
etag
"2ad96843d77bfa623858b9486824ee9e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
336418
article-detection.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ee33ba584dec62f105c296165d6a4608ee4dc077be0a298f5e82dabd231a2b8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
I0zUVChVKdFsF9Sh06xJ279rxks6kxku
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
B8QYBW1ETVT0M1B5
age
91776
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
UYGzfcdjzSBpG91W+wwkanW4GOtDEYS7UCfWtNo5ob2KvZCrfDx5MdMIq+3CeEzMK4vagUy/24o=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:24:42 GMT
server
AmazonS3
x-timer
S1700481257.437261,VS0,VE0
etag
"309c8a8b9dd4632831b956d8ed701b61"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
95
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
336106
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.9/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a92d33f554ce1738ba8de92d34c2e82eb9aa06f4c29a530e7fe5348954dee07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
VIE50-C2
age
179497
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34194
x-served-by
cache-vie6380-VIE
last-modified
Sat, 18 Nov 2023 10:01:07 GMT
server
AmazonS3
x-timer
S1700481258.587526,VS0,VE0
etag
"71c188f2046759c2140f9eafdaccf881"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
AP8RoRrOMarcmETHJcf7mazfoHLne3KSyPWnK2h2sD3UDtbzltmKrw==
x-cache-hits
15747
feed-card-placeholder.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29fed531947f334253a55fb9e09553524dd47f058baaf5a15058e53ae414f168

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cBrPjPRxJPV_DxVXoUbT1s7OjT1ZCjxQ
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
4SE7WBAC9EGBER01
age
91799
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
uRieVI0oxRDZeP6wNOJ4eFuGsySIe0JExZQBc/beHn+cFqIkxOXGVEasq6H27+CrZuy1h5DuxxM=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:24:19 GMT
server
AmazonS3
x-timer
S1700481257.440877,VS0,VE0
etag
"9aa29954727bef0c2e10b90c3abc773c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
328211
userx.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26802c926a96d982462ffc09a88fc08de45bd9b8dc6e7f7ec701bbbd4883bba4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
x0KSGMaGmQopBtdL0UPxuqn1eKXsx8m2
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
FZ23TVP1HA205ZPZ
age
91843
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
GTH3YUk/arolhi68qKAWs37Y6tUbglVx2XQfavCW9Xcnj1u9Tzv2qfs+nxvgTCwcIddCR9VPrVo=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:23:30 GMT
server
AmazonS3
x-timer
S1700481257.452613,VS0,VE0
etag
"a0cfff3482a6fc05802e6b5dbf85b996"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
45982
explore-more.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c036eff22c2d20fc6ee4256cb05f531266317d2bae1338c06223e5e440a4bc5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lOdcDMSsG0aN5XrTHhr_Tmnnmp.9X.dX
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
WTKE4PRN0MYSP8A1
age
91794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
O3vh/YzkyRWDmoh++k0fH5EUMUh8svTEqiOqBUVJ+Fr0n2XuKjeO35iyr97YwJY6Me2aJKTnjzE=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:24:22 GMT
server
AmazonS3
x-timer
S1700481257.474091,VS0,VE0
etag
"1c276fadc9fdf1c4ed0eaadad7cbc045"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
9
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
176425
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=12%3A54%3A17.393&id=4845&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700481257395%7D&tim=12%3A54%3A17.395&id=4869&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700481257408%7D&tim=12%3A54%3A17.408&id=542&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A54%3A17.449&id=9775&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A54%3A17.453&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6733&cv=20231119-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64121
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A54%3A17.455&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=7373&cv=20231119-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64121
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A54%3A17.462&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=677&cv=20231119-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64546
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A54%3A17.464&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=402&cv=20231119-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64546
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A54%3A17.501&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6735&cv=20231119-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
64546
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
HJ09X8P4R5KH42F4
age
108
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
faxoqOsk5L3JnOp4CGBe8HUwS5iaEetHw/chB8MAH8m+ety0Y1JRUtqjb3j3A4EIJUkOzqIpZ3duwTaXeu03nw==
x-served-by
cache-vie6362-VIE
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700481258.528086,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
16
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
120
a44dd3a297afd0fd45a77e615d8725b7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1020%2Cw_1360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1020%2Cw_1360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6cbfc53259b69d29991ab5e7f1669aeff87bf0dbbe131a8c2f99772706e3dbfe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1020%2Cw_1360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
age
2182606
edge-cache-tag
537961867663570220257868072190384183561,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
537961867663570220257868072190384183561,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
664
expiration
expiry-date="Thu, 09 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://newstral.com/
content-length
65216
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kiad7000126-IAD, cache-lga21983-LGA, cache-iad-kiad7000107-IAD, cache-vie6362-VIE
last-modified
Mon, 09 Oct 2023 15:24:23 GMT
server
nginx
surrogate-reporting
width=1200,height=900,bytes=94988,owidth=1600,oheight=900,obytes=1969816
x-timer
S1700481258.625349,VS0,VE4
etag
"5f94f88518bbe3cf09b142baaf69eb8f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 3, 1
a44dd3a297afd0fd45a77e615d8725b7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb40fcf965f3d229a5a881610d25acfa093d88e2d4f289f6a840eb77605bee2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
age
3645764
edge-cache-tag
537961867663570220257868072190384183561,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
537961867663570220257868072190384183561,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
209
req-referer
https://www.balkanweb.com/
content-length
31438
x-request-id
2cdce063c2a5bed3dd194b765530106b
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100084-IAD, cache-iad-kiad7000095-IAD, cache-iad-kiad7000027-IAD, cache-vie6362-VIE
last-modified
Mon, 09 Oct 2023 07:11:21 GMT
server
nginx
surrogate-reporting
width=1600,height=800,bytes=102834,owidth=1600,oheight=900,obytes=1969816
x-timer
S1700481258.625399,VS0,VE2
etag
"4019c28cafd9072c313501ab53da30b0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 23, 1
vor-fernseher-schlafen.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/vor-fernseher-schlafen.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ba2cc026d52f2538409d772333659645e50c96ad4046db8791a1362d2165992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/vor-fernseher-schlafen.jpg
age
2925449
edge-cache-tag
430253247494455142512804023790638936492,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
430253247494455142512804023790638936492,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
511
expiration
expiry-date="Fri, 10 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
9818
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000023-IAD, cache-iad-kiad7000023-IAD, cache-lga21943-LGA, cache-iad-kcgs7200161-IAD, cache-vie6362-VIE
last-modified
Tue, 10 Oct 2023 16:25:57 GMT
server
nginx
surrogate-reporting
width=730,height=405,bytes=26065,owidth=730,oheight=440,obytes=42565
x-timer
S1700481258.625317,VS0,VE4
etag
"8ce1a8274050c19cae6b75afece629f3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 5, 1, 6, 1
594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
463c22dc8c2d4a1be87d3c8c018d947db83778f737fc751b09786e2bb15098f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
age
2269318
edge-cache-tag
414442406602868598301845405230173776699,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
414442406602868598301845405230173776699,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
64
req-referer
https://www.werstreamt.es/
content-length
10890
x-request-id
fc4b83a10309fbf9e97ecbaf69601fa7
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200102-IAD, cache-iad-kiad7000133-IAD, cache-iad-kcgs7200040-IAD, cache-vie6362-VIE
last-modified
Sun, 08 Oct 2023 23:02:06 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=16026,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700481258.642560,VS0,VE0
etag
"62fd0b04b6800b3d86bda697925731cb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 46, 2
d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f49b76bcedfbd3a70cccf72017a02878dc92f9c746a7d975b01730f3f240f681

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
age
1113492
edge-cache-tag
439779570990945258899787989732356055491,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
439779570990945258899787989732356055491,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
562
req-referer
https://www.tippsundtricks.co/
content-length
44738
x-request-id
47f799efb54e092ce8052a3837759587
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000173-IAD, cache-iad-kjyo7100140-IAD, cache-lax-kwhp1940023-LAX, cache-iad-kcgs7200029-IAD, cache-vie6362-VIE
last-modified
Thu, 02 Nov 2023 12:52:37 GMT
server
nginx
surrogate-reporting
width=920,height=460,bytes=65523,owidth=1999,oheight=1249,obytes=234996
x-timer
S1700481258.667354,VS0,VE1
etag
"81bde38df58dc346b767fae8bd5e5114"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 1
c0c9bf6e27eed65170696418845dd923.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0c9bf6e27eed65170696418845dd923.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
397e4855767b9fd7bb269563c3c16b4316532b8530fa22bb63901767d80ce1da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0c9bf6e27eed65170696418845dd923.jpg
age
3520566
edge-cache-tag
381064826422856754031056717022716645425,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
381064826422856754031056717022716645425,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
64
req-referer
https://www.calcalist.co.il/
content-length
6982
x-request-id
61e3e9ee09792955d810094801bc2239
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100139-IAD, cache-iad-kjyo7100139-IAD, cache-lax-kwhp1940104-LAX, cache-iad-kcgs7200095-IAD, cache-vie6362-VIE
last-modified
Mon, 25 Sep 2023 09:42:49 GMT
server
nginx
surrogate-reporting
width=621,height=344,bytes=20731,owidth=621,oheight=466,obytes=45377
x-timer
S1700481258.682549,VS0,VE1
etag
"be804ab281d9fecd5052ab6ec3b2b1f8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 94, 1, 28, 1
fc0772d8cb91fa4ee2ec76921cf11c9e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc0772d8cb91fa4ee2ec76921cf11c9e.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a446bff20e44b2ad64dc35f3eb66a297602784929e4bd33ef8440e425081d2ae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fc0772d8cb91fa4ee2ec76921cf11c9e.jpg
age
601022
edge-cache-tag
421773306693512624719134079980535455654,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
421773306693512624719134079980535455654,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
429
req-referer
https://www.tippsundtricks.co/
content-length
16630
x-request-id
47fb000437a9d738ae64994f27ac5551
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100102-IAD, cache-iad-kiad7000113-IAD, cache-lax-kwhp1940055-LAX, cache-iad-kcgs7200167-IAD, cache-vie6362-VIE
last-modified
Mon, 13 Nov 2023 12:55:41 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=31273,owidth=1200,oheight=627,obytes=105782
x-timer
S1700481258.682542,VS0,VE1
etag
"099a88d901aeb436090aa3e936ad04e5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 6, 1
a44dd3a297afd0fd45a77e615d8725b7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45c0a12dc14bbca7d59f3826fc57c3491eff7042d59ba79bf4634c8bc02b01a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
age
3448287
edge-cache-tag
537961867663570220257868072190384183561,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
537961867663570220257868072190384183561,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
860
req-referer
https://www.waz.de/
content-length
36228
x-request-id
a6dee29943f378335ea8b167ea7aa591
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000109-IAD, cache-iad-kcgs7200179-IAD, cache-lax-kwhp1940080-LAX, cache-iad-kjyo7100055-IAD, cache-vie6362-VIE
last-modified
Mon, 09 Oct 2023 07:11:34 GMT
server
nginx
surrogate-reporting
width=1600,height=888,bytes=115572,owidth=1600,oheight=900,obytes=1969816
x-timer
S1700481258.682537,VS0,VE1
etag
"c9342bfaf26d82ffb33ec16e67fbc427"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 58, 1, 1, 1
d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e0191866b70198f58f2f361124c6da016b6fd945f92dfb187738dae64917ec2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
age
1551699
edge-cache-tag
439779570990945258899787989732356055491,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
439779570990945258899787989732356055491,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
346
req-referer
https://www.tag24.de/
content-length
52790
x-request-id
6cead554c0a890a23361cd60acf22057
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000094-IAD, cache-iad-kjyo7100175-IAD, cache-lga21964-LGA, cache-iad-kcgs7200042-IAD, cache-vie6362-VIE
last-modified
Thu, 02 Nov 2023 12:52:38 GMT
server
nginx
surrogate-reporting
width=1999,height=1110,bytes=199267,owidth=1999,oheight=1249,obytes=234996
x-timer
S1700481258.710423,VS0,VE0
etag
"513d1dc8ffcced3b7ad93fdd0d3000f0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 24, 2
vor-fernseher-schlafen.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/vor-fernseher-schlafen.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e74f29339bda35da749039ee4129d2c8f7423603c215098adb7fc2e9f4dfa67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/vor-fernseher-schlafen.jpg
age
2925448
edge-cache-tag
430253247494455142512804023790638936492,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
430253247494455142512804023790638936492,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
917
expiration
expiry-date="Fri, 10 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
24906
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000023-IAD, cache-iad-kiad7000023-IAD, cache-lax-kwhp1940045-LAX, cache-iad-kjyo7100032-IAD, cache-vie6362-VIE
last-modified
Tue, 10 Oct 2023 16:25:57 GMT
server
nginx
surrogate-reporting
width=730,height=405,bytes=26065,owidth=730,oheight=440,obytes=42565
x-timer
S1700481258.736204,VS0,VE1
etag
"8ce1a8274050c19cae6b75afece629f3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 40, 1, 31, 1
594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/594a95f3-be21-4dc6-af39-afadf864db68__J0ZglXGT.jpg
age
2326462
edge-cache-tag
414442406602868598301845405230173776699,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
414442406602868598301845405230173776699,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
106
expiration
expiry-date="Fri, 17 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.noen.at/
content-length
33638
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200084-IAD, cache-iad-kcgs7200046-IAD, cache-ewr18154-EWR, cache-iad-kjyo7100020-IAD, cache-vie6362-VIE
last-modified
Tue, 17 Oct 2023 04:49:19 GMT
server
nginx
surrogate-reporting
width=940,height=523,bytes=48351,owidth=2000,oheight=1457,obytes=197392
x-timer
S1700481258.736160,VS0,VE7
etag
"3bb4cf0d908a96cab5dd4873ba3cea84"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 0, 1
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA0ODEyNTc2MTQsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoaS1uaS1tYS1iZWktc2hpLXhpb25nLWhhby1xdWFuLXRpLXphby1mYS1mYW5nLTExd2VpLXhpbmcteXVuLWVyLXpob25nLTV6aGFuZy1xdWFuLXNodWFuZy1uYS0zMDAwLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3947.7000045776367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA0ODEyNTc2MzAsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoaS1uaS1tYS1iZWktc2hpLXhpb25nLWhhby1xdWFuLXRpLXphby1mYS1mYW5nLTExd2VpLXhpbmcteXVuLWVyLXpob25nLTV6aGFuZy1xdWFuLXNodWFuZy1uYS0zMDAwLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3963.2000045776367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA0ODEyNTc2MzYsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoaS1uaS1tYS1iZWktc2hpLXhpb25nLWhhby1xdWFuLXRpLXphby1mYS1mYW5nLTExd2VpLXhpbmcteXVuLWVyLXpob25nLTV6aGFuZy1xdWFuLXNodWFuZy1uYS0zMDAwLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3966
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=424210605974472&correlator=2286623854437321&eid=31079660%2C31079658%2C31079525&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700481257744&lmt=1700481257&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=861161258.1700481257&ga_sid=1700481258&ga_hid=100393372&ga_fc=true&dlt=1700481256067&idt=1620&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_3_0_pv%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_3%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_3%26adro%3Dv8_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
694ab50b2fb7c8c158cd646e6e06e4180af068411762ccac0a999de0bfb083e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19191
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:18 GMT
expires
Tue, 19 Nov 2024 11:54:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl_page_level_ads.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 17:37:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
65787
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13740
x-xss-protection
0
server
cafe
etag
13319621592303420164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 18 Nov 2024 17:37:50 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7413
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUDYRbOIDuZxPiisvOUaEcyRYxiEFZYcmRSCYf19BydFOZL5hNy4i2U1WAirKMW5hi5g2aWnvRW%2B%2BBJA4OyK4oo43IB3I2eM2qrUHWRuc7%2F9bnDkGEuxVlEOjyrcoJw%2BvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
82907f554be47015-CDG
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
f281a2c9029f18139e99793cb086b71fd4eb03f9aa85539a3f0b8a993e0e2c6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:18 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA0ODEyNTc2MTQsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoaS1uaS1tYS1iZWktc2hpLXhpb25nLWhhby1xdWFuLXRpLXphby1mYS1mYW5nLTExd2VpLXhpbmcteXVuLWVyLXpob25nLTV6aGFuZy1xdWFuLXNodWFuZy1uYS0zMDAwLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4138.800003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-111.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 16:47:17 GMT
content-encoding
gzip
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-P2
age
2088027
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
fra1::58txd-1698598036852-d74a80e9fa02
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
VuUlIeYFb2oT4O81ilbpnfCZal-Ipml_zX5kySsjqnqdWatncv2P6Q==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		519 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
b499758f19f8908ac7f96fcb014f53fc5ab0fb1b372828c83c9c0d4f76403bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:17 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-663
cdn-cachedat
11/19/2023 16:40:21
cdn-pullzone
873945
last-modified
Mon, 16 Oct 2023 11:44:57 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"652d2239-81b53"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
cb97dd25be7bf799d8fd82f61afbb896
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.13754632710348047&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 27 Nov 2023 11:54:18 GMT
next-up-widget.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f0f1ba4a556e805f1dc51a163e57d5b3ea5707f0de3ffdf3ee5644802d3c90b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
egl0OlSRFiXYPrKT707nu6iDd6fXqMFS
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:17 GMT
x-amz-request-id
JJ7JT7ACBT1S7FNJ
age
91811
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
EKTt/F7QIdHv0YsdI6p/V0m6XaXNEhTKcSe6WwphDE6TRH+NL6MbNUg+vzWJrBTD9f97OZKOuSc=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:24:04 GMT
server
AmazonS3
x-timer
S1700481258.888385,VS0,VE0
etag
"5d199273c5f259ff06dfce5bce842d05"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22096
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1923%7D%22%2C%22eventTime%22%3A1700481257988%7D&tim=12%3A54%3A17.988&id=4927&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231120
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54374ca9aaab918b809ba0b892ca64608d5b90016d9504963cf0086543b8b24b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28406
x-jsd-version
1.0.1879
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mad22076-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"641-6eL8VJKYP7rPKt7pIkuMsRZaGKA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5QxIT%2BHqvchYiezhIX4q78fONkma%2BkN7kv1SAVzSJZRk4TYFiTQB7Lyk8BkLayjtbrOO%2BO8Bi7b6NykZntVp6FhFYmTSjoZk9jBAHQn%2FtJ30Gu3yKl3l%2FPEonTChh%2BgGkY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82907f590c126f0b-CDG
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
da39d73efc7b689981eb9a0efe62dfb75630d3bc96b59cb9def7e3e8b319697b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
da39d73efc7b689981eb9a0efe62dfb75630d3bc96b59cb9def7e3e8b319697b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=50231020905&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 11:54:17 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
b79aaa51117a1951245d7ae76d7ba8b51ce157906c83274fb85c4f3c00b626f2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:17 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
77
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 11:54:18 GMT
prebid
ib.adnxs.com/ut/v3/ 		137 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
526e0c8275d83d3128391224ad8be0c13fc533540fd32328fdc854656e6f6822
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
an-x-request-uuid
ee845eb6-1c89-47df-a6d8-bf8705d04547
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
137
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 11:54:17 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff9267bd909bb07c13011982f40e3ac3cb47f047efa0481b561b749e962eb07

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82opRsMGsaNEDPVV6ziqo2jv59yPXbovJRXGu0ibMK2NaXejI0hefpJl3iVPIshCQY83rxkFEVf23VW8c6wbdHCIZZXqRcB8eHUyGP0qgRPWxtaKYoSrW%2Frf16CscK%2B7idYaohyJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82907f577b590246-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff9267bd909bb07c13011982f40e3ac3cb47f047efa0481b561b749e962eb07

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTLJjMHAZ3%2BK%2BSmD82iityX%2FFM0ThCRi7vFTwe%2FB2UTXcG%2FEhvcOvOhYSKLGpsFbcTt4c15jHdPoWu3adp7ItEhUsYaYttX%2F7RhkHOygQDs6YMkmwxUKv10St0elijUCCpi7tcqE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82907f577b530246-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.57.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-57-253.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0bca7cef24e2ee118b5ef971943822304c6ce1d05970de2cb6aceac50a9ef3f6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 20 Nov 2023 11:54:18 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
3354f123cd773f4cb98abc428c0d0b632b6c960a80daed1238b0ae84801710c3

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		436 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=5e0a9803-cd22-4857-b3a4-88ecef38bb56%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%98%AF%E4%BD%A0%E5%97%8E%EF%BC%9F%E5%8C%97%E5%B8%82%E7%86%8A%E5%A5%BD%E5%88%B8%E6%8F%90%E6%97%A9%E7%99%BC%E6%94%BE11%E4%BD%8D%E5%B9%B8%E9%81%8B%E5%85%92%E4%B8%AD5%E5%BC%B5%E5%88%B8%E7%88%BD%E6%8B%BF3000&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=9d642c3f-2960-4ce6-acc4-d3c354a277fa&l_pb_bid_id=236bc61ad5781e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9d642c3f-2960-4ce6-acc4-d3c354a277fa&rp_maxbids=1&slots=1&rand=0.9730786567540406
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
031538e8246c95d3e2eb864048f65711bb61f7be59466f201dbab04b25d20c45

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
436
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.18.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-18-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.51.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-51-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
13
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82907f57bfe4229c-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
adreq
ads.servenobid.com/ 		592 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=345
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
28e026f161423cce78e0ca4ed0be8cd12d40d7493fa34693ccd997b6336efb5f

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		811 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a48abf8abb4eb4632ebb9378fa6d6b7723e18e6ff2b21fe248991d86cb3b38d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
348
expires
Mon, 20 Nov 2023 11:54:18 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A54%3A18.091&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=664&cv=20231119-2-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70406
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 10:32:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 11:54:18 GMT
spa-detector.20231119-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231119-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3aed54cf078852c46ce8fda57cd8c0d0df15f8034ebd77b165aadf01c690a85b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
euTEIIBsrlwFvyiDfiybiHaq9qEeITMg
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:18 GMT
x-amz-request-id
KX8FVG3RYHB6A9F9
age
91826
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
OEiZEft9Am2+OdLnSawvo7bmrPKG06X8FaFNfn/yHiYAoFhk3wAYX4oQs1jwD9v9119g/263LaA=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 19 Nov 2023 10:23:52 GMT
server
AmazonS3
x-timer
S1700481258.118329,VS0,VE0
etag
"c73e8757446bb7f78f2e431cf2744fb3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
177486
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A54%3A18.097&id=8745&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700481258098%7D&tim=12%3A54%3A18.098&id=4774&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A54%3A18.101&id=5331&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700481258103%7D&tim=12%3A54%3A18.103&id=3432&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
container.html
0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5001 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:18 GMT
expires
Tue, 19 Nov 2024 11:54:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
pro.ip-api.com/json/ 		119 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f4241f69003507c35c7127c2e0ba2ea84dd8341b56cc82dc7a5dcaac1737e0ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 11:54:18 GMT
Content-Length
119
Content-Type
application/json; charset=utf-8
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=12019&tvi50=11108&lti=deflated&ri=a781c51a7dc3fc9c3bad27163d925e90&sd=v2_ba4f90ee413fe98c2dcfb32f71a3d944_80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68_1700481256_1700481256_CNawjgYQ2YJdGNSa0-S-MSABKAEwKziy0A1AvogQSIGh3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&pi=/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&wi=-5453048407064001129&pt=text&vi=1700481256788&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.8125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A54%3A18.252&id=5103&llvl=2&cv=20231119-2-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
a44dd3a297afd0fd45a77e615d8725b7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e6326e5f874d98105cbde063ff5eb7134506f50687e393a0b0fde1696665699

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 11:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a44dd3a297afd0fd45a77e615d8725b7.png
age
1453000
edge-cache-tag
537961867663570220257868072190384183561,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
537961867663570220257868072190384183561,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
109
expiration
expiry-date="Thu, 09 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://sparen-gewinnen.de/
content-length
5028
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100158-IAD, cache-iad-kiad7000048-IAD, cache-chi-kigq8000102-CHI, cache-iad-kcgs7200119-IAD, cache-vie6362-VIE
last-modified
Mon, 09 Oct 2023 14:16:59 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=7687,owidth=1600,oheight=900,obytes=1969816
x-timer
S1700481258.316190,VS0,VE1
etag
"82ae79e91b2f76a4ec46e20adaca7858"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 0, 1
d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f6f9b770875285347c8d91395a1beaaa3ab4d69a2cbd141e69c689662fc138f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Nov 2023 11:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d859f247-97bc-4213-b6b9-a03e0240fbbb__W6tDfJbM.jpg
age
1110829
edge-cache-tag
439779570990945258899787989732356055491,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
439779570990945258899787989732356055491,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
454
req-referer
https://www.fashion-facts.eu/
content-length
5836
x-request-id
7b02a2038791e49c5f61aede61e231a0
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200129-IAD, cache-iad-kiad7000164-IAD, cache-lga21971-LGA, cache-iad-kjyo7100148-IAD, cache-vie6362-VIE
last-modified
Thu, 02 Nov 2023 12:52:37 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=9276,owidth=1999,oheight=1249,obytes=234996
x-timer
S1700481258.316200,VS0,VE0
etag
"62b4388a6e5efacccdc317e403ab8b47"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 2
vor-fernseher-schlafen.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/vor-fernseher-schlafen.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38a0c32c2c0ca83c556e0079553686f731b7a1c4c8553a65cbb7877c1605a3e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 20 Nov 2023 11:54:18 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.praxisvita.de/assets/field/image/vor-fernseher-schlafen.jpg
age
494032
edge-cache-tag
430253247494455142512804023790638936492,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
430253247494455142512804023790638936492,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
2022
expiration
expiry-date="Fri, 24 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.livedoor.com/
content-length
3026
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kcgs7200075-IAD, cache-lax-kwhp1940106-LAX, cache-iad-kiad7000082-IAD, cache-vie6362-VIE
last-modified
Tue, 24 Oct 2023 09:10:25 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=4532,owidth=730,oheight=440,obytes=42565
x-timer
S1700481258.316183,VS0,VE1
etag
"59f2cf684b0ecac707cda3fbb56bfb5f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
css2
fonts.googleapis.com/ Frame 5001 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
URL: https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 10:10:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 11:54:18 GMT
/
track.adform.net/adfscript/ Frame 4139 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54110933;rtbwp=ZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA;rtbdata=YuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB&num=1&sig=AOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ&client=ca-pub-8933329999391104&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
68d76794d4aeb8533ea3a0ad4ac9906609394671991531f869c06a58ceea0901
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1997
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4139 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:23:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
1819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 11:23:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4139 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
8970
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 09:24:48 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4139 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
387099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4139 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:18 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5001 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
URL: https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 17:53:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
64870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 17:53:08 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 36F0 		714 B
618 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
7127
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
82907f58c96b7015-CDG
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 11:54:18 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5FNIYZYTIj%2F6xqDcNVmmIbsHOOPzi1F%2FMQuxSPT98UyMs0GN7ydYNz%2FOV8DxnKHKEHfz6ymxcG3NYFjPhLjL%2B%2BOaZEbVI8w3eVnevSYogyZAtKDPLLFUcv8289Dcrw9Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 610A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:54:18 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Nov 2023 11:54:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/85cafe20-f5eb-38ad-8f29-8901d274b545?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ggZQqjBE2oX53zT8UV_N1D1cmLohAo6xYzKP5BE-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ggZQqjBE2oX53zT8UV_N1D1cmLohAo6xYzKP5BE-~A&redirect=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:19 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ggZQqjBE2oX53zT8UV_N1D1cmLohAo6xYzKP5BE-~A&redirect=
content-length
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:09:35 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2685
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Wo559PNg5imYOnY3JpyZRblfVatxi2HIV1d8Mo_Xzv2eJtf6VW9NUg==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2B4B 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
26f2560c76237605dea97edf1b41b5024996646515162dd9092835b1dd7803c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10246
x-xss-protection
0
server
cafe
etag
12747137571287339090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:18 GMT
st
imprammp.taboola.com/ Frame 9C6D 		577 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&cmcv=&pix=undefined&cb=1700481258413&uv=3358&tms=1700481258413&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5bda4c65-405d-40bf-803d-9dedf0506d8c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4acaa15532c1ddad6fbba2c3b7c0eab6c0fdb6a7343be26353f357cca1370d3

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 11:54:18 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-vie6362-VIE
x-timer
S1700481258.444536,VS0,VE21
sync
am-match.taboola.com/ Frame 96CD 		422 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
301e6c6cf9d3992d62489f5bffc5e2b1878826640aeb427a4e56ff05e0f903f8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 11:54:18 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1700481258426&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=148380820&pt=-421288486&tz=60&viewable=true&ddast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c77615484d98e7e270b000f3210b0297ab039196c109f27e38339ce0dcd71586

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1457
x-cache
MISS
x-served-by
cache-vie6362-VIE
pragma
no-cache
server
nginx
x-timer
S1700481258.444547,VS0,VE561
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&cmcv=&pix=31589837&cb=1700481258413&uv=3358&tms=1700481258413&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700481253670.2!ts:1700481258413&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-length
0
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 36F0 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
59c8ce09b1aaf0fbdff21b02a5b34d7caa2c1c3e2ed0e095bbb6cef17a946752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31359
x-xss-protection
0
server
cafe
etag
840 / 19681 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:18 GMT
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
REVALIDATED
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
c72afb04b048c5e95862d134170036b5
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:50:59
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
53764cb570061efad239668f4445ce09
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-167
cdn-cachedat
10/31/2023 19:01:06
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
f2a5bb925f85e9bd8d3d9da099534b40
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-677
cdn-cachedat
11/10/2023 21:11:01
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
d638f5aaad6782447b48571ccbe3761c
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.co_1695642730139.css
cdn.unibotscdn.com/clientdata/css/ 		440 B
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.co_1695642730139.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-382
cdn-cachedat
11/05/2023 20:42:32
cdn-pullzone
873945
last-modified
Sun, 05 Nov 2023 20:34:22 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
374
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6547fc4e-1b8"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
2148dc76f77e8653df8fb22dcfd3d074
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-677
cdn-cachedat
11/05/2023 14:34:02
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
b2d1462263e0d13ab5c91445b3b079ff
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Mon, 20 Nov 2023 11:54:18 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9C6D 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&cmcv=&pix=undefined&cb=1700481258413&uv=3358&tms=1700481258413&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5bda4c65-405d-40bf-803d-9dedf0506d8c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9C6D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&cmcv=&pix=undefined&cb=1700481258413&uv=3358&tms=1700481258413&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5bda4c65-405d-40bf-803d-9dedf0506d8c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.107.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-107-139.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 6EC8 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&cmcv=&pix=undefined&cb=1700481258413&uv=3358&tms=1700481258413&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5bda4c65-405d-40bf-803d-9dedf0506d8c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:54:18 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
06c19b767c5a4f32f0fa17bf35cd701900facfa105564cef5c61d9e89649da64

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		423 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=5e0a9803-cd22-4857-b3a4-88ecef38bb56%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%98%AF%E4%BD%A0%E5%97%8E%EF%BC%9F%E5%8C%97%E5%B8%82%E7%86%8A%E5%A5%BD%E5%88%B8%E6%8F%90%E6%97%A9%E7%99%BC%E6%94%BE11%E4%BD%8D%E5%B9%B8%E9%81%8B%E5%85%92%E4%B8%AD5%E5%BC%B5%E5%88%B8%E7%88%BD%E6%8B%BF3000&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=c9f24334-ebc2-4284-83d7-75d11f8708ac&l_pb_bid_id=52ec7b72be7e7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c9f24334-ebc2-4284-83d7-75d11f8708ac&rp_maxbids=1&slots=1&rand=0.8291153433275622
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
981e6a9b0f29bb96c91283b5d7e214a2fd1ab8dc810bc7741b7821cf3dc24245

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
423
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=78886284646&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 11:54:17 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.51.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-51-132.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
12
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 20 Nov 2023 11:54:17 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.57.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-57-253.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
56a003d0ec375b1ddcbc1f431d75c3ad3a0a381d2034e7f3afe0ed9eceadc7e6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 20 Nov 2023 11:54:18 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82907f5a0b2e229c-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
adreq
ads.servenobid.com/ 		592 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8468
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0a38b62cf381eaa74d4f3ea6301f26d75b161172c480caa50da6ff8967a151ad

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		811 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1848c07baac491efd31919145deb2d62592de4d0f49cf51a655e5ace84186a70

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
352
expires
Mon, 20 Nov 2023 11:54:18 GMT
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
82559c3d323c22c9b4b3b07675201980161e66f4e2fa423526bc1db9f8a0e4ee

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
95
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 11:54:18 GMT
prebid-request
onetag-sys.com/ 		15 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.18.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-18-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
accept-ch
sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b059dc6605f0bb9478ea0bfe4e157ab79c9dfb3245680fef411c83f6c5ce07e6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z42rkOb1g8izRi1hUZuv%2Fl92ljIXe3DJHH0V%2BOavuccU5F76iV1onhQAMHIEFJO6MKYrG1eNXJ7pV3tAVM1BItxZ5ImeADUPW505wVc9QBOy25Z1%2FHsDOfwUwIY8Tl8z3kHgzaC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82907f5a3edd0246-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b059dc6605f0bb9478ea0bfe4e157ab79c9dfb3245680fef411c83f6c5ce07e6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIrHR7F04zDIJNMsjPUoPoNi1emMtFM5YHh6p1co2HoUsr2dmAM7w6AuEkjxUG40x784k52hIOMFJAlXv7M08CKpYHTCPWihOPnZj78zSD6rmEas67Sey9m%2FP056Q%2BilDhstmxv6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82907f5a3edf0246-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b059dc6605f0bb9478ea0bfe4e157ab79c9dfb3245680fef411c83f6c5ce07e6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOU9RiNf1aKlHszHIIX2L7k3vWdqoOYsWzJWOHGc5moEPWAXlsxrvEehs2eHaCKXis%2FxZM4QRQtdafW6fpLfuGgYYRziPi8MzYl191227pDkMl5OcLieMMjeNGTxh1aixludJqPc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82907f5a3ee10246-CDG
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e93f4d7d8e8fbe1e3433968410d9fc6b8fba3b78504243aef73c40d757ce333
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
an-x-request-uuid
935af85b-9a4a-406c-b206-735839b1ce41
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
734446e57fa652f11e4a07499e8c29e7544b55d280c661d30ea5c4559e584114

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
734446e57fa652f11e4a07499e8c29e7544b55d280c661d30ea5c4559e584114

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 4139 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54110933;rtbwp=ZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA;rtbdata=YuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB&num=1&sig=AOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ&client=ca-pub-8933329999391104&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=12019&tvi50=11108&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
90
date
Mon, 20 Nov 2023 11:54:18 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
80110
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-vie6362-VIE
pragma
no-cache
server
nginx
x-timer
S1700481259.627811,VS0,VE90
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 36F0 		429 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:23:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
1821
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 19 Nov 2024 11:23:57 GMT
generic
match.adsrvr.org/track/cmf/ Frame 96CD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
server
Kestrel
content-length
70
content-type
image/gif
80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 96CD 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.107.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-107-139.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 96CD 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9zaGktbmktbWEtYmVpLXNoaS14aW9uZy1oYW8tcXVhbi10aS16YW8tZmEtZmFuZy0xMXdlaS14aW5nLXl1bi1lci16aG9uZy01emhhbmctcXVhbi1zaHVhbmctbmEtMzAwMC5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJkYTQ4ZDRkMi0zNjJlLTRjY2ItYWZhZC0zMDIyOWU4ZWJiNmQiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwNDgxMjU4MDE1LCJiaWRzIjpbeyJjcG0iOjAuMSwiYWRJZCI6Ijg5YTFjOTZiNWE1ZTJkZSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0NjgsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwNDgxMjU4NTM3fSx7ImNwbSI6MC4xLCJhZElkIjoiOTA1NGFjNGE2MGUzMDU5Iiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjQ3MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA0ODEyNTg1NDB9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijg5YTFjOTZiNWE1ZTJkZSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxfV0sImNvdW50cnkiOiJDSCJ9&c_b=4993
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=424210605974472&correlator=3173472832495935&eid=31079660%2C31079658%2C31079525&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&arp=1&abxe=1&dt=1700481258706&lmt=1700481258&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=861161258.1700481257&ga_sid=1700481258&ga_hid=100393372&ga_fc=true&dlt=1700481256067&idt=1620&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_3_0%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D89a1c96b5a5e2de%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_3%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_3%26adro%3Dv8_c%26faid%3Dfalse&adks=1420297610&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
868a771e36482835204be9ca38a2c2a8df0465ccea1fab53a090243f45063ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14762
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 36F0 		492 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3441359473568310&correlator=4032425606298889&eid=31079667%2C44808652%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700481258762&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=c6ezcqiseuix&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1498338541.1700481259&ga_sid=1700481259&ga_hid=681324636&ga_fc=false&dlt=1700481258432&idt=294&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
22103664a3e32dc362fab1501f0b56cab92ab920b7d9cd2c084704d2d44510a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
28b80d983001049884fdc6317880bd6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A7B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28b80d983001049884fdc6317880bd6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:18 GMT
expires
Tue, 19 Nov 2024 11:54:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 610A 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59423
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:24:41 GMT
usync.js
eus.rubiconproject.com/ Frame 6EC8 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59423
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:24:41 GMT
/
track.adform.net/adfserve/ Frame 4139 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54110933;rtbwp=ZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA;rtbdata=YuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Cboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB&num=1&sig=AOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ&client=ca-pub-8933329999391104&adurl=;js=1;adfxid=1x;1300;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.bg3.co
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ded71afe368361dc6df8cd5ceb1b1487c74d3551b1ac3f6565670de91ac04093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3715
expires
-1
khaos.json
token.rubiconproject.com/ Frame 610A 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
khaos.json
token.rubiconproject.com/ Frame 6EC8 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
L2Evc2hpLW5pLW1hLWJlaS1zaGkteGlvbmctaGFvLXF1YW4tdGktemFvLWZhLWZhbmctMTF3ZWkteGluZy15dW4tZXItemhvbmctNXpoYW5nLXF1YW4tc2h1YW5nLW5hLTMwMDAuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2Evc2hpLW5pLW1hLWJlaS1zaGkteGlvbmctaGFvLXF1YW4tdGktemFvLWZhLWZhbmctMTF3ZWkteGluZy15dW4tZXItemhvbmctNXpoYW5nLXF1YW4tc2h1YW5nLW5hLTMwMDAuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 19 Nov 2024 11:54:19 GMT
date
Mon, 20 Nov 2023 11:53:14 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
pixel;r=729309330;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html;uh=e51ed67dfb8d91...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=729309330;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-426779085-1700481258360;pbc=5e0a9803-cd22-4857-b3a4-88ecef38bb56;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700481258887;tzo=-60;ogl=;ses=820d8cc3-549a-46aa-a9b2-163b505ad787;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9zaGktbmktbWEtYmVpLXNoaS14aW9uZy1oYW8tcXVhbi10aS16YW8tZmEtZmFuZy0xMXdlaS14aW5nLXl1bi1lci16aG9uZy01emhhbmctcXVhbi1zaHVhbmctbmEtMzAwMC5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImY3YmFkNGJiLTIzZjUtNGJiNC04YWY5LTdhYTI2NTdjMmYyOCIsInRpbWVPZkF1Y3Rpb24iOjE3MDA0ODEyNTgwNzUsImJpZHMiOlt7ImNwbSI6MC4xLCJhZElkIjoiOTE5YWNlZDA1ZTBmZmZkIiwib3JpZ2luYWxDcG0iOjAuMSwiYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM1MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDA0ODEyNTg4NzV9LHsiY3BtIjowLjEsImFkSWQiOiI5MjVlNmEwMDg2NTFkNjQiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzUyLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDQ4MTI1ODg3Nn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJ0ZWFkcyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTE5YWNlZDA1ZTBmZmZkIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDF9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=5226.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:18 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 36F0 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
667dbe72c15327d9395b3c168b978c56a62e33612d99e92db8bfc85edd75b25d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12368
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=424210605974472&correlator=4198793260488646&eid=31079660%2C31079658%2C31079525&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&arp=1&abxe=1&dt=1700481258923&lmt=1700481258&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=861161258.1700481257&ga_sid=1700481258&ga_hid=100393372&ga_fc=true&dlt=1700481256067&idt=1620&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_3_0%26cluster_reporting%3Dchrome_DESKTOP_3_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.10%26hb_ap_adid%3D919aced05e0fffd%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_3%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_3%26adro%3Dv8_c%26faid%3Dfalse&adks=2825066673&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e5535630aee81a6e646850eb23f3d587ee14f9c46ce9e47bf6ce68f15e11295e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12347
x-xss-protection
0
google-lineitem-id
5221339621
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440835884
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2B4B 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0ee518905c8d0b61371c39d22ccbfcfc40b63248083f1fbeab8e965bef0ac1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52859
x-xss-protection
0
server
cafe
etag
10090177806707469710
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:19 GMT
bd4e7bcd7e.html
tm.ad-srv.net/tm/a/container/html/ Frame 4139 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=fe8b6e5471&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=www.bg3.co&eVRDB=bg3.co&eVAI=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.9.97.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.97.9.5.clients.your-server.de
Software
nginx /
Resource Hash
375f82806b053c4641fb7f00545ed284b173f0078672978ea09b46fc95e8e4aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:19 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Expires
0
/
track.adform.net/csimpr/ Frame 4139 		35 B
625 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54110933&csi=jZXd-dZSeh1nA_SbcNf1kSqCOEHaLkv0Dk-fpag8K5TrygPkIxxfk0iAWuy386qgKnxD8JmFpm0YOtQbc9HjGmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 4139 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f56bc825839f62fe7b2597768b08fa433e8ad2e02db872cface67b4821ffe034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:22 GMT
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-vie6327-VIE
date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
2232
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Mon, 20 Nov 2023 11:54:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
XXQWPNNNGHCKM6SY
age
449714
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
1xhf5twDpZJ1Xin0vrp+/iRXXBHoj8b8I9G4ihXLLWT9OElrflzK5oZzeuC6g0JPwz92qNImQUE=
x-served-by
cache-vie6362-VIE
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700481259.093522,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
540305
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 		604 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031467
date
Mon, 20 Nov 2023 11:54:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
7H0TH5SRT6JHDNMN
age
449711
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031468
x-amz-meta-mode
33188
content-length
123398
x-amz-id-2
xBgM2eSxQZzy05wv1wz7Z/pskjUZp4ZaN+q1WMC/acfLPR+sUzKbKDx6NfxgPSBW7g6AZEJGeB8=
x-served-by
cache-vie6380-VIE
last-modified
Wed, 15 Nov 2023 06:57:49 GMT
server
AmazonS3-br
x-timer
S1700481259.094378,VS0,VE0
etag
"e8023cd27890386539e680dcc790152c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
355558
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 20 Nov 2023 11:54:19 GMT
via
1.1 varnish
x-amz-request-id
FD26D12Y7BK355FT
age
8694
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ViPQbxvd//l6ZZAdT0W7FeqOO7M2ZDvihd8iXMpSx2rgFjyfVu3JdyZFiwkgF0Pws1fRiv4vTZg=
x-served-by
cache-vie6362-VIE
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700481259.108621,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
88
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5374
idsync
sync.aralego.com/ Frame 610A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP6UMWJB-1L-S8I
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP6UMWJB-1L-S8I
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP6UMWJB-1L-S8I
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:19 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP6UMWJB-1L-S8I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame 2B4B 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f258fa04db9e260e56de5cf937578644a11f91dc1c740876e01734422e014998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137252
x-xss-protection
0
server
cafe
etag
16994080794773672787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:19 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame BC5E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
50219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 19 Nov 2023 21:57:20 GMT
etag
16674218716276178799
expires
Sun, 03 Dec 2023 21:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5eeb86d477534d91cad7ead970143eb16ea7b7ff979d03622e0a45885865f3b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91866
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 11:54:19 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-170.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 610A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nzpJ9s0AQj6UJPBz4TxKeQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nzpJ9s0AQj6UJPBz4TxKeQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nzpJ9s0AQj6UJPBz4TxKeQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N1MYWDFM1TQ8Q0YYPF7R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=nzpJ9s0AQj6UJPBz4TxKeQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 610A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
setuid
px.ads.linkedin.com/ Frame 610A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP6UMWJB-1L-S8I
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP6UMWJB-1L-S8I
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1DF5C6C45BA74C388D92170064196B55 Ref B: GVA30EDGE0117 Ref C: 2023-11-20T11:54:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKlCV0PmPYKXgvKyMdsg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP6UMWJB-1L-S8I
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 610A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UD2SBWEzQuaLdd15GObGTA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UD2SBWEzQuaLdd15GObGTA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UD2SBWEzQuaLdd15GObGTA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TGY28B0TZDXEMJYDAEC9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UD2SBWEzQuaLdd15GObGTA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 610A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/folwx5t5RtABbP9WiWp4yw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-y9sqFgpE2oJJ5i.v6SazP9Sq_Q1DHYzNRGVlYw--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-y9sqFgpE2oJJ5i.v6SazP9Sq_Q1DHYzNRGVlYw--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-y9sqFgpE2oJJ5i.v6SazP9Sq_Q1DHYzNRGVlYw--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 610A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP6UMWJB-1L-S8I&ex=d-rubiconproject.com&status=ok
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP6UMWJB-1L-S8I&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5SVQ7ZC237HJB9TD3QCF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP6UMWJB-1L-S8I&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 610A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcwZjBkMmRlOWI1ZDY5MDhmMmEwYjZlOWM2MzM2OGRlYTIwNGQyOA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcwZjBkMmRlOWI1ZDY5MDhmMmEwYjZlOWM2MzM2OGRlYTIwNGQyOA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTcwZjBkMmRlOWI1ZDY5MDhmMmEwYjZlOWM2MzM2OGRlYTIwNGQyOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 610A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA2VU1XSkItMUwtUzhJ
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQQIvjSEwwtEm4QX0tCESk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 610A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMl5QwV2SmtKIITt-6K6Ues&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMl5QwV2SmtKIITt-6K6Ues&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMl5QwV2SmtKIITt-6K6Ues&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 610A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADaS07KtpIAABQ8zLmq8A&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADaS07KtpIAABQ8zLmq8A&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADaS07KtpIAABQ8zLmq8A&expires=30
Date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 610A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LP6UMWJB-1L-S8I
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LP6UMWJB-1L-S8I
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LP6UMWJB-1L-S8I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
capi.connatix.com/us/ Frame 610A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LP6UMWJB-1L-S8I&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LP6UMWJB-1L-S8I&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LP6UMWJB-1L-S8I&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82907f63bdd9027c-CDG
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 20 Nov 2023 11:54:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP6UMWJB-1L-S8I&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82907f633d27027c-CDG
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
liveCS.php
live.primis.tech/live/ Frame 610A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP6UMWJB-1L-S8I
0
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP6UMWJB-1L-S8I
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
13.32.99.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-61.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
E-FMBsGHLBenU2emaVusxeEAOJfZxSqEvqpGKJxIbiG8r26_sc0i1A==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP6UMWJB-1L-S8I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
merge
ce.lijit.com/ Frame 610A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LP6UMWJB-1L-S8I
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP6UMWJB-1L-S8I
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:20 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LP6UMWJB-1L-S8I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 610A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP6UMWJB-1L-S8I
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP6UMWJB-1L-S8I
95 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP6UMWJB-1L-S8I
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 20 Nov 2023 11:54:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP6UMWJB-1L-S8I
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
hb.yahoo.net/ Frame 610A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP6UMWJB-1L-S8I&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP6UMWJB-1L-S8I&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xalJ0OEVWRTJ1RzNqaDU2ajc4eU1WcG9KR0NzRVRzWX5B&ovsid=LP6UMWJB-1L-S8I&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xalJ0OEVWRTJ1RzNqaDU2ajc4eU1WcG9KR0NzRVRzWX5B&ovsid=LP6UMWJB-1L-S8I&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
2.19.126.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-72.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 20 Nov 2023 11:54:20 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Mon, 20 Nov 2023 11:54:20 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1xalJ0OEVWRTJ1RzNqaDU2ajc4eU1WcG9KR0NzRVRzWX5B&ovsid=LP6UMWJB-1L-S8I&dpid=58160
date
Mon, 20 Nov 2023 11:54:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
VIE50-C2
age
685630
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-vie6362-VIE
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1700481259.472293,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
HTwZxlTSakFPdvc0cDCR9PASMc04sIkVuaGJjIo42iGHTRf8TP49Vw==
x-cache-hits
80969
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v148380.820/ 		429 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v148380.820/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d09bbf5a3eedc517944746c3b161073aca9b18426de79f97c46b1f565223285b

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700472654
date
Mon, 20 Nov 2023 11:54:19 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
E1634YTWNJWEM3G1
age
8535
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700472667
x-amz-meta-mode
33188
content-length
81853
x-amz-id-2
lwHWMIfsFD1M/rAEXg4qNOHBIRZo3hNB6W8IO8FA1OJ7SVMve1ByDL1JJA4ckFB8dyty87yKnZs=
x-served-by
cache-vie6380-VIE
last-modified
Mon, 20 Nov 2023 09:31:08 GMT
server
AmazonS3-br
x-timer
S1700481260.565952,VS0,VE0
etag
"b511c7baca104751b1015b00c25bfb40"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3733
sync
am-match.taboola.com/ Frame D105 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b4acaa15532c1ddad6fbba2c3b7c0eab6c0fdb6a7343be26353f357cca1370d3

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 11:54:19 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&cmcv=&pix=31579697&cb=1700481259544&uv=3358&tms=1700481259544&su=3&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-length
0
server
nginx
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 7165 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 02:37:57 GMT
age
292582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 02:37:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7165 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 Nov 2023 08:33:14 GMT
age
184865
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Nov 2024 08:33:14 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7165 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 03:53:12 GMT
age
288067
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 03:53:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7165 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 01:14:32 GMT
age
297587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 01:14:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7165 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 Nov 2023 14:54:32 GMT
age
334787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Nov 2024 14:54:32 GMT
css
fonts.googleapis.com/ Frame 7165 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 10:10:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 11:54:19 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7165 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 20:50:26 GMT
x-content-type-options
nosniff
server
cafe
age
54233
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Mon, 20 Nov 2023 20:50:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7165 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
17758
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 21 Nov 2023 06:58:21 GMT
l
www.google.com/ads/measurement/ Frame 7165 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuWlVoyqZ_vyADi-aMdFLbgka4s3bQMySOClXENrqfDBW0QJw-2P9NtAH10QVWx3-_JlFR-GeFdI8Q80DMAtypbRJDtw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 36F0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Nov 2023 11:54:19 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Mon, 20 Nov 2023 11:54:19 GMT
via
1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
VIE50-C2
age
2149855
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-vie6362-VIE
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700481260.721372,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
bg9T-gv14JSkyVMhukNhGve01LY3p6mSTu9jgy5Lc7cFiv-PrvE9VQ==
x-cache-hits
283402
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:19 GMT
x-amz-request-id
E8XBPKMNM2KCVP59
age
1873
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
yTPvbXIRcxO5XZ6sWa9txL89PBOhDe/tjG0AnOUNUSHCcGLrcnB/kKk/Qg3tOP8kDW2m9nj1tJc=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700481260.721385,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
73
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
15399
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Mon, 20 Nov 2023 11:54:19 GMT
x-amz-request-id
HSXDMWCXGT481WMK
age
28532
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
Yvejyq0xvm2CvT5GvdqXG1xoFM+/iaDWfjluQrdxS0wTQgv2s6aEmUypU50vHC7G1JcdLoAH37s=
x-served-by
cache-vie6362-VIE
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700481260.721366,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
15
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
171079
14763004658117789537
tpc.googlesyndication.com/simgad/4419003181693219904/ Frame 7165 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4419003181693219904/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
f471474dd75493645ff390d1453f47391552c551c7afc66a35790d37559d3276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:45 GMT
x-content-type-options
nosniff
age
17134
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22968
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 12:31:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Nov 2024 07:08:45 GMT
truncated
/ Frame 7165 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7165 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7165 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3293749642a38ae63a4d29afcca7abc69250f934fd0f0585a662c6c2eff88ce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generic
match.adsrvr.org/track/cmf/ Frame D105 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D105
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-DqYbUdhE2oTP8qtFc9W1ugsJPXRmfs0zS0F47w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-DqYbUdhE2oTP8qtFc9W1ugsJPXRmfs0zS0F47w--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27636

Redirect headers

date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-DqYbUdhE2oTP8qtFc9W1ugsJPXRmfs0zS0F47w--~A
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 15E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7-FHwJc3Tfl80Y-h1aIH96SYBVlkPhR5OCzUOT5kuGdWIlja-KxGKyM3tmA87PIbS7UZHxeeEVXbVf8Hbf2rlI-tUXWJIl3rgKn0MGC3RAgnjtWsI2yQj8vtLevjXYdOfN8nT7o1ADIF321bON3ATWC8ROQNB_J5b7_5tJDihlTCtrTw8sDfxyggCfD1F4qGLKGRg2XVKJhDkFU_aic_eyy89cwLEWJo2MYsku3R63n6SQNIuV2GDMuRx9apHdAJxtisif_EGyfG1Ni1IOjcJkelnmtoEJhCTgkYwD8rtLM-ZcLLqzpyFo9IUJiPUsOsyip8KbkynizHlwuLPaM7d4Osiyebg&sai=AMfl-YRW6t8FgQdL2IRuZJkS-Ac_DlVsQgsis1wApfG5PVMQsY4FtEwvJkL5qK0EsDV6NgbODVpk-yyQeYeptOUeY8LMcJZQeSZ0k_Pxrj8x_bKSJRRFc_N1Aa7LbQQ4jQ&sig=Cg0ArKJSzE5heiqTpQOkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-170.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7
a.teads.tv/hb/ad/ Frame 15E6 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c76d9b55973334fee51f6e0f73610139ffaf318b3d5696787fefa86b445b014

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2568
expires
Mon, 20 Nov 2023 11:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 15E6 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:19 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9zaGktbmktbWEtYmVpLXNoaS14aW9uZy1oYW8tcXVhbi10aS16YW8tZmEtZmFuZy0xMXdlaS14aW5nLXl1bi1lci16aG9uZy01emhhbmctcXVhbi1zaHVhbmctbmEtMzAwMC5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtZmFhOGJmY2EtNGI0OS00NDU2LTg0MDctNzY2NTUzYWZlNWFkIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoidGVhZHMiLCJyZXZlbnVlIjowLjAwMDEsInJlc3BvbnNlVGltZSI6MzUxLCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJ0ZWFkcyIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMSwid2lubmVyQWRVbml0SWQiOiI5MTlhY2VkMDVlMGZmZmQiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzUsM10sInNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjcyOHg5MCIsInByZWJpZEF1Y3Rpb25JZCI6ImY3YmFkNGJiLTIzZjUtNGJiNC04YWY5LTdhYTI2NTdjMmYyOCIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=6073.100006103516
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:19 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
usync.html
eus.rubiconproject.com/ Frame E5AD 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:54:19 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
request.php
ad.ad-srv.net/ Frame EC05
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca78160...
  • https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca78160...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Requested by
Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=fe8b6e5471&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=www.bg3.co&eVRDB=bg3.co&eVAI=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
545d74e5bc8d28ec765c75421af8139b15aa179816aa3db2dcf0bbf3bd951fa8

Request headers

Referer
https://0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1591
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 11:54:20 GMT
Expires
Mon, 20 Nov 2023 11:54:20 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
23871800065761004452326012514013

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:54:19 GMT
Expires
Mon, 20 Nov 2023 11:54:19 +0100
Location
request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
ads
googleads.g.doubleclick.net/pagead/ Frame 14C2 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
2d7d35c3f0e3787bacb3751810f167c10d15b67d4b538403d8fab781ca93bee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7165 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:09:18 GMT
x-content-type-options
nosniff
age
528302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 09:09:18 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700481256110&gcd=11l1l1l1l1&dma=0&cid=861161258.1700481257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700481259&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&dt=%E6%98%AF%E4%BD%A0%E5%97%8E%EF%BC%9F%E5%8C%97%E5%B8%82%E7%86%8A%E5%A5%BD%E5%88%B8%E6%8F%90%E6%97%A9%E7%99%BC%E6%94%BE%E3%80%8011%E4%BD%8D%E5%B9%B8%E9%81%8B%E5%85%92%E4%B8%AD5%E5%BC%B5%E5%88%B8%E7%88%BD%E6%8B%BF3000%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=6266
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-164
cdn-cachedat
10/31/2023 18:59:58
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
d526f0e34511aaf0f47977a0f0673b76
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-676
cdn-cachedat
11/15/2023 02:37:50
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
f934c3e7d4301553af239191daf146a6
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:50:43
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
37014759fb4c6493c49a070812694c81
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-168
cdn-cachedat
10/31/2023 18:50:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
57554435701e6b19361a0e692acc0af9
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
usync.js
eus.rubiconproject.com/ Frame E5AD 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:20 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59421
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:24:41 GMT
d16715ae-6ce8-4eb6-a167-26c236cc7606
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/d16715ae-6ce8-4eb6-a167-26c236cc7606
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
truncated
/ Frame 15E6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e84a392c62b318acbfd3ef9454cbec30ee39ed7f078ce4824182b50760e64b90

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-vie6380-VIE
date
Mon, 20 Nov 2023 11:54:20 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0A7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:24:00 GMT
expires
Tue, 19 Nov 2024 11:24:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E064 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
c353b95add73ee29a17ca96105740450358e2d23dc1a9b6db05fda835c2798cb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e-TBcPlMehtAnE-75JMUzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-e-TBcPlMehtAnE-75JMUzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:20 GMT
expires
Mon, 20 Nov 2023 11:54:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nc-general-1-de-336x280-px.jpg
smartphoto-media.com/banner/campaign/ Frame EC05
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2965111&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=23871800065761004452326012514013&gdpr=&gdpr_consent=
  • https://smartphoto-media.com/banner/campaign/nc-general-1-de-336x280-px.jpg
32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smartphoto-media.com/banner/campaign/nc-general-1-de-336x280-px.jpg
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
H2
Server
149.126.4.39 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
s030.cyon.net
Software
/
Resource Hash
132a512a7263a25b445c6c6f005e79a4b62c2e64dc1510207abc2342c7f0e660
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
strict-transport-security
max-age=3600
last-modified
Fri, 03 Jun 2022 09:04:52 GMT
etag
"81eb-6299ceb4-aa64c445a9608208;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
33259
expires
Mon, 27 Nov 2023 11:54:20 GMT

Redirect headers

Date
Mon, 20 Nov 2023 11:54:20 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://smartphoto-media.com/banner/campaign/nc-general-1-de-336x280-px.jpg
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
native.js
a.teads.tv/media/flavors/ Frame 15E6 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/flavors/native.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29996083786b7c45a679db1d2ffc53bef4ea9db2722708a3394df912e6f08bd9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 15:56:24 GMT
x-amz-request-id
4P7V96G407YWK2HW
etag
"7e5d8cbbee2fc901e221888af3db1965"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
a
accept-ranges
bytes
content-length
24641
x-amz-id-2
YhjAffVG4GmWH/F50OVQ2/nYedPCpTfP1hXFxI9ZrdxACdTe1PjcZM293IU1pBhoBh3f0znwgYs=
expires
Mon, 20 Nov 2023 12:24:20 GMT
khaos.json
token.rubiconproject.com/ Frame E5AD 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LP6UMWJB-1L-S8I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14C2 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJOau10J42-yfwjYnlh-50BuHMfVl8ZGkJs2v1ve7_5fujFw3If1ByUOUAu1b2GpnQ4CZqJKphgS_JPGaB2fH8FgpY52Hv_AxmDg5Zbcc6BiBZzkc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14C2 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6533425844348238379&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 14C2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 14C2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:23:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
1821
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 11:23:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 14C2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
8972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame 14C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHhiYl8oKf9E-yl5ptmvOuzHAEoMzL83RWO-TUAiHQl_rAeLwpKWWvootzaD9Fp5V_xGBsyhLViazPl9Taa5rDyXT6og
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 14C2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 11:54:20 GMT
viewability
ad13.ad-srv.net/ Frame EC05 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad13.ad-srv.net/viewability?s=23871800065761004452326012514013&a=c6c533e7&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:20 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame 64DB 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2965111&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=23871800065761004452326012514013&gdpr=&gdpr_consent=
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:20 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 11:54:20 GMT
cache-control
no-store
server
nginx
truncated
/ Frame EC05 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame EC05 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=kkcbcktdgmf7&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.bg3.co&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:www.bg3.co&extVar[]=AF_DOM_RTB:bg3.co&subid=7105060873762785654&rnd=81098&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCboqr6UhbZfq2McOI9u8Ps6abYJGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAhGdqMqfqIM-4AIAqAMByAMCqgT-Ak_QYZFomtiqJrUMhlSzJYpCo3dpJ6aMQ6NjStaYoz_VqQDnNoXQH045hcGtGzvGIM3EyKs3T14TGh_6Yr7smiNGAmM6tbJl_I3-80K_3wO3NrEF2MDfJJBSKMLBdCj55w6xy_7n1l_3XUKCx8nR-gGj23Defpk7NM3BUzkiFw-Wn7hqxRQxLGNu2b9kM65VbrhF3KKbWiLSsbyz1t8CpeK6fF5BaR32RmtfdZOsPxtjgAdOZIsH4SI-AOwIyrobZRDsH_RFe2Xvx7iKlXII1Ewrk9o9A6Sg64W1UJuklzaLWdw7U1urvAvJ31MmTr6WKC2EmOvD3hVR1yxB8AbtTKu0vxy_Bk9IPt0NFp6Ynd9IQjQG4WijQPMZKj_VZL7NQOI-lv4UJv_A9LEr9-uT5C_rgH9EDiodamYA7gLLHwiC0VrAd-1OEq2x6l95Lzj3Rg6YTAalCcPt4eTwode1gyBAUndFofHkLW2vH-VvtIDg94nL03Y6qimi05-5LdngBAGABseL9NrNoKyasgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHiDRMIicTFqsLSggMVQ4T9Bx0z0wYM0BUBgBcB%26num%3D1%26sig%3DAOD64_2YWjfXYmAGCDegd-zUgj69ZfnlwQ%26client%3Dca-pub-8933329999391104%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110933%3Bcrtbwp%3DZVtI6QAMW3oH_YRDAAbTM4u0qNerTunf4RWcLA%3Bcrtbdata%3DYuRdJOSHy5zI_PcTjfGRYKpHQjT3nfjq5kFGsrj9q6lBqx9Htn_7GTl7QWIkllmtB0Zv1VhWI64La16hzRAvlXD04MqW1HEyB7tZllmO0QvmJcZbf0ko94c4M2Qhdmv8owBELcNBe-ir3AVB4Xp0aWRxbg4Rm3WRhh51UAwxVFO-LOaajMikP-t1qzlwHdUHzTsJGp5DfTWeN8uThe2kIU7jQOZYXNLwQy91pGzS71x3kw8zAOxR8BqxL2e8QLHxN0emMd0A9203rUb4zBGTN06-QClL-MxkPalRKZDz3Pp0-Uv3UM-EOl6LBR_CirIRsdwWyPT5miNB4SKZKGrNxw2%3Badfibeg%3D0%3Bcdata%3Dpu6KinkRptpydr60SavkIc5FUbYsBq2I2udXaIzXfZ8rWKWEHL6U8cSqjIXd1ONvqU3n2qjTuTQp3-HcdHOt-nwqkKpBn-_tRcphiL3x-mVczQvwPX1n2TgIs4RpP7F-2e6R22Hel9zE4_sQZGQgqA2%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:20 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4A08 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWcLfkXtMG9yfK2uT9U5yCcrOBA1hPQ7i4CXtvQO6IaE8vRvzpYt4Cojc0MB_foP4vbST71AtImxl-0mJOt6Xr11L8p1w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 11:54:21 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d622c8e6b745047b3a60c01884c6ee7a1786d71c57154fb499eb562416adf266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92885
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 11:54:20 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
823795570ca58ca3e3ff82c710acb3689e790223a3511c1c6ab6fff221f6510b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92928
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Nov 2023 11:54:20 GMT
4eabf492-5998-48a5-9526-55590cd01f96
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/4eabf492-5998-48a5-9526-55590cd01f96
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14C2 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9587644156792&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14C2 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9587644156792&version=m202309260101&ct=77&x=1&cor=6533425844348239000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 14C2 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqFa_gvfCeRprrUbENVVzzV0KLpd4mJ3qghx_5qx1Ina3zijDRpgy6Oq0dIzoboXcd-h5xu5JB8MmTpeffxsBdRQg4hEUFOss_2nGeUhRQ3dZdi7_kHeMyMgPdzlq-fAOgS6oxN74-G8gx4te1iEPqmFbuUCv-UZmL_o39UCBVwThieiA&cry=1&dbm_d=AKAmf-BiTiibF586Vs2ReZ5w7arPS1rOzOmLaQv88qYUOARuBPO5G4-zCMkIiT4eyPx3lSgIiTB5_VadXfacRbA7hO-CIE2eNWxx4Xq2g6XOKPLbLrMUZa_6disiPB9VFmcP0rn5BcUOkTuxE-feUTMHnKfjMyBg5A-q9k9q_pvYGqHuHtQEkW-uzeNtY3UJYRZP2d3SnazTYdRy6qoALisQQkH7Wg5VgoxWcv0lKoA_21sXl2eVLWCPSFtrug0VOEasnGDZO8hj49ZHY1Oe4p9yjOYwuxv0GZL9sGGO2KN9xcHnWSSWDYLevGO12hxAi-1DADXhAQbtWJZu0_NXEGeWu4RcHghQ6mAO58XDj2zAkFVmbDMtRDdpUFdhFh88fG3Cy7GAzMl3vhpYucT0WGHAxcpN9uGhszUFFoPaJjU-1Ft8mx3d2Uo2e_VCza7lGIRIiScQbK6WFP0yViF_tZHRguOSNyAEDIguWd5GInvN19KDkjiKVRmgpBu_DzfG4t0WBAT65ScC5vHhung6EweGZA4LcePoHl2zdF2bejm3NstkSXktMKR-g8ZP_7tR3IW9lYo7PQ8MTNKQUyvmu92zeLuScvuIA33pMjKJ8k7cOOMG8tl6jZcOynrB5NjriY99ms9ssTaD5rVDEd17oKbsq_beld3rU99EkljrlDpEC-9ezCaKEITakRLq6hTTiaEtBYGw4pZtEo0blCdB4IJUwZMwrAkyY9VdkaddXmLVsHkr8uI_BOhjBuFYl8s_BiZZ00I_COFopL91Kzg0MLsbN-_HXoMicfse4BkC6AT5mzs6IldsCuz6kctNAQqONmh7wKYNkuHl2hAaVI_w8cKNnm43tZ3OpJawiSB4gAH93k4NlVs8jp3mBRnkHkx9zk0KuZvTOjK3sQmfyKlGUAOe5xM-dG3sJsIpSncoopiXn6hV0QTwXigNdkUI_Cm0gYJ7Ag3S52a4iRaSQ6l5ICiGXzqydvl3SQGwg3NqLHaoSWidp9z7MKfHag-8m8JmSVsKxJylxH6Jf9hRVAL9nCFFTbbJrsVSHVGPIM9GOrsszF8ao_lSn0Ic_fS1UMjg5NSoJwVb7a1Fc3bIKyGidJ1DE1Igzcnyz7z_tBPfJUbIrCAg3PO4gacD86_Zm98ucPIC0tkSCgvTGwFeS4X4Fd7mBMMY6E22Gh1DsybfGO5P3XR_3ZaSGBNM7Wjk8KC3FQuVMlLo1s6wWDlDtLv4lurRsSo6ZyKzNo6N6H_7ex5_Y4zWUF2qI0dWaVs-Wfe-7bUbFT_AV5jO1UWffLBuJflCBUiuyDqWFjKf2QT2sTSvwkPQQLuqrOXHmlQjL1Sky4tM3gV1A9xBMsNn3jqQHazIzSlZJvvHV7u2ZY22RXIdjCJy1n7_eMrOA5Rcn10r1Ej4NCxXcK99WHM9mtF4REhNUnsGtHlAPeeLwQ2G8R5K68qwxeb7kkF6lqTwB3CodU14Yk6uPMv9e0wwknaVXn_WvTNoMZogwxaKJRfc4WMMXk7v2M_VVT_PaEPdC2DyqsOKj4etdUntVAUGYuGe2M-X63QaUvS1kThYYvgNrCyCKCRTSD-pvX7ayWu0d7qisQ4a2X0k2aRscHIwI0e2vTeDz3KzQWM_5N2ctCbljYY0BT39ndCLoYoFKI2_pKjXwUQMK2mSOk6VNvMnues7mv961ISlFPn1k-UkHUYmbafxyumG9PjdUaj3y-WZgAqNRyiwdgz8EKMCh2f0gxt92hRkUAC0PhdnVBgpiix95irVus8wf1sFrr6Gpa64OOcZSkgtfUzL1f606JXb29HcE2xhWBoBW0LyMr0pXI0Fxpk8lDdbSgC_XwKGzf0c4PfqYI7OGuy7-TOUmtY43lLrfCm9ud1Peq_RwvXGUiEL7uSwZItGkbuMNYylNoAr-IbcGhmWj4WwrkCZ5NLTMUAljIBZcA6zrKGNamXrshLIvAY02kb-KtEkYpmtV2K12MVyXP_ndS_nQcr8zbgTp24aaCLUWRh996kgMO6tz-LRZ0OwoPKF9V8SjyNoZk0DTVTWKzGseB5RVW-ydIcZXTUBcPQSXunXGvAy4BTDBQmgmGDOONEytI2mudSO_vtdnLvvu0_WMJ0DjBeHyMWcw6BNKhEACDKsFbRaZg-PBQ22vPrE5i867t9yD65E-IyIvC3nMtDHUO-uL0FEQIO_8rmZRh8xNz7x0-4vl5GCxQRfWQLElcmMSst9ng20qxtkK9gzlVytojQYFYHAuDSeFVbRX7R-iBV8ZUdoVcJ3QvydzFncajDbigfUrZDzfeSrU2a_4byRTp9vP8vDakp_XZqIAE_LQeHpnR3sQU_rtlzw83qDBL_SuS_lY1Ex6NwULOidr4liHgtKZxhh7ZhofZAoj54hYC9-rUqvOG7JDDpYaUxGErFaIzfpwpWzDmxPc0V_ePF8htKutHplmn8YeCcC_acQ3Rw0XpZVHLEDOEKHUZxV0Hf0-FIRRj26D2hpKCJh2mGbH4-0ctIKyNZFvbAR6Wj_PtjJ39UMMiA2TUYrAKg52v1cELOEBIZ-smEBEhb6s-yiNO6YM6vltIGZpyh6ZfrR9E2CJ1bOgDyvmgll_fmEDUrZwIg42vZhKOo4X9MY0H3RmyDKfl1OJP_lUzy5sf6nJ6DS77poClC9Avuv6zPz-ulqRcYJGPB2xtKPD4qF7PyNPL1zGj_zoXoacdCwpAbja-VRuwG_xpmIZ0A3RXnhIkz7v5TtTcV82kF0YYhoz9lUJ0aIFwuN1uKMb21iqfgBZUzfXsE66YGSTIJOLU8b8kWMln5O719Dep3KmvIIsg1C-NanJuVtopC9U4UJwY4gpX0GxIxifCg7aaMunPYKmnhvkb3LmUIMvWqr072c8jTPUMtID2trVgV-ZmxgfGAzf0m2BsKrUt7UclX8r7Qfgmli4UbmioJVUqJPoZAo_jrQO4aGuA1MrwHS-W50fA6iFKj-j6D2V8w1Hwu5IOCpHW_-IKUQit_q0KDotFspQtxKRdIaBPlRQuV_g4FO8evurGxrxXAvZRWFHLkeojyBa0MduYXxIh_EODq30Wmm4cyLGVSpArtd68T0n1fHwmIHcyUIcknRxL-5YzMOfkh9VWVAKZRqJsSO7WSrOmWhhU0DegAvSkevBL1Vbto77FCtNFKQGxSUEzoRzU-YU7D61cpzM7EY5Pg_1M0dpGCVN_TVJ8G9_wxZIY8fWj0KutEBsf6zILtUdNY8KHlZavDLxBTrJcg84Rnc30aD3hMYI_JEhlG94E3usc6qEEx5U3QwtWYbzzNat60gkjFaS4lI2S-9DuVc47Rp6pkydCMUgQ50k6h33a5_TcxaoTUH0PxkJWXSj9WQIymHQb9hl_wggBxsdyqHW2s5BEg95vOY1-BzuOwrZTDh8ps_Upzx8bk_jx3BjvqGQTs8Pa5m2SI-Y3dzAGj16yvE_F2-9ClQqSDd9BXpNtn_Us3a2oMW1xP-1XuLh8C4-NvRgW1_es5yk_y5JDwMz7RyA32IbdXCus91cwIggpgbGHeRzw50tdLpqL75Civ6Kx1fYM_g3jPC-pkuRUL0n6a7XS0fKpoim3Uumll-7qKAj7JJsMyh2IMt_TR0xIAWMexwcNyG9AsH3X6YszKA4R9UkVxhrRplSoUgn2DKLT0hgR8BUQyy-SCPbC6Nya8kXUFPbKIXWKSekqLg9Y1Lno-Naozz8sLC01U5iwf8OV36-Da5Rdy3RrkVVLCo297jWLtk1OHxDvEtryf9P_a8PpddRqE-2a2HBxWNg6acLQo0rbvgeKJK307Yyoke1Wk9hU88WHqFP0thkqI4kXTi60qN5U0At1067W0OwBiSfpRhR68O3h8174pW8YAkh5io3i95YEdbmvgPMZt82EJSEBDnkB07uR3I_e2JMTmAZ3k-JnVuQkBEIiMfjp9eb8YbDM3r8_d_Y4U0lvUsHKaz5K4i5PEJcjC7BI-O7me808YfwyzwhGed0Na23FNVvuasvw&cid=CAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=6533425844348239000&adk=3676778483&idt=107&cac=0&dtd=45
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
d44bbab775ae10d769bae142bf5204bc505a0388ee4288137f2ab613cc5f07a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13968
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d10c8146-0e96-41d9-ad9b-b3d6c7fb5e45
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/d10c8146-0e96-41d9-ad9b-b3d6c7fb5e45
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
sodar
pagead2.googlesyndication.com/pagead/ Frame E064 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3441359473568310&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
track
t2.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&pfid=68&env=js-web&ut=1&cid=1166310&gid=1103584&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&pscid=20204&psid=415253&cost=dvOfNgSNVKipRqRBUSR0FXuT&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1103584&dsp_creative_id=1166310&fms=9&p=TWZ2z3j4zktdBFBZE8Z_ASFgI_OnGKArzx_ientc3r9iEKfmCl7ylahTlBof2erg-l0&cts=1700481258795&cs=-254589273580577399205&1700481258794=&slot=native&fv=1289&ts=1700481260745&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pageId=154680&pid=169092&hb_provider=prebid&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&pfid=68&f=1&slot=native&fv=1289&ts=1700481260746&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
nurl
a.teads.tv/be-ms/ Frame 15E6 		10 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiDml0co4K1DMkoJAAAAAADuMT8hmpmZmZmZ6T8oyfPxtg8yGyoZChUIzZQGEgNVU0QaCmltcHJlc3Npb24YATiu5BJYBWCu5BJwxeVCeKWURZgBADgBQgNDSEZIAVAAWAByBmpzLXdlYngAgAFEkgFjCAUQ9AUYtU8g8tEKKgQxMjI3MP___________wE6BHdpZmlCFmluaXQ3IHN3aXR6ZXJsYW5kIGx0ZC5KAT9SDWV1cm9wZS96dXJpY2haC2xlcyBhY2FjaWFzYgdzY2h3ZWl6mgEKd3d3LmJnMy5jb6ABAqgBA7gBzzfCAQZwcmViaWTgAQH6ATMSLwoWCISFid7O5pD5yQEQrJGc_JG63euDARIVCKOZ0fSB8ayNThC32ZLp16ahhb0BGACAAq-p0-S-MYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI8U1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlsgIaChYI3Zbp8t2T-e6KARDc5rTDvN3-lKgBIADYAgDgAgDxAgAAAAAAAPA_-AIBgAMAogN8aHR0cHM6Ly93d3cuYmczLmNvL2Evc2hpLW5pLW1hLWJlaS1zaGkteGlvbmctaGFvLXF1YW4tdGktemFvLWZhLWZhbmctMTF3ZWkteGluZy15dW4tZXItemhvbmctNXpoYW5nLXF1YW4tc2h1YW5nLW5hLTMwMDAuaHRtbKgDALIDAmNougMGQ2hyb21lwANZyAMA0AMA6gMnCgcIABABGP8BEgQIAhABGgQIBBAAIgQIAxAAKgQIBRAAMgQIARAA8gMNODUuMTk1LjI0MC4yOPgDAoAEAA==&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=pmp0z-u2muK-0SMxfyoP69ZpFcPHa9BLG89TlXd1HeuTfA&psid=415253&checksum=-685747161
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43bab35a004bbb257ee04af8cec82a2bb8a2f5d5eb989f4b3792cf4af88ae869

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
9969
expires
Mon, 20 Nov 2023 11:54:20 GMT
pixel
cm.g.doubleclick.net/ Frame 4A08 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWcLfkXtMG9yfK2uT9U5yCcrOBA1hPQ7i4CXtvQO6IaE8vRvzpYt4Cojc0MB_foP4vbST71AtImxl-0mJOt6Xr11L8p1w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4A08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1&C=1
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWcLfkXtMG9yfK2uT9U5yCcrOBA1hPQ7i4CXtvQO6IaE8vRvzpYt4Cojc0MB_foP4vbST71AtImxl-0mJOt6Xr11L8p1w
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf1ZtpPYzywQQKe6uJrJPptschA%2B6E3H%2B%2BxWx2ki19FB%2FIzZPZ1ypIRi9Qf%2FF1zfzIqnP7H0cz%2BsSfTdrb46j5msgNbAcblm2jzrs%2BYwWhPSfvBku80j0zhIWnMI8AgNmg7TMvkIbOTV7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f697a1a0246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3GfkgWyM8KDoYosdbWgDz93brIWhWxjXfRoZ9QCxIdJPRLGZCvKqzhE5HgnhChQsLYI6RJ50BndlGs%2B7QYOHRadKSJwumsPFvHkGjR4ufy9ONZmdMDtQiJb0UmabS3tSyu7Di094%2BnxuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1&C=1
cache-control
no-cache
cf-ray
82907f6888d60246-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 4A08
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVtI7K260X9zfc-X-dAvRwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXwojGATAB&v=APEucNWcLfkXtMG9yfK2uT9U5yCcrOBA1hPQ7i4CXtvQO6IaE8vRvzpYt4Cojc0MB_foP4vbST71AtImxl-0mJOt6Xr11L8p1w
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zk9HS1YVPFudwRkJja0wY2rJR0wnzzZE4FOqQywTcDR2yodFJMQzn2EL7NkpUAQkaDySII5Xk469TszSsRPm2%2F%2B9OSgRbcKEIlxQ4WWQNjDMPmM3aDC56n%2F85YzROPyy79Pix%2F55ydwDVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f6a4b4c0246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRhU4Np4eIhaHaGwMZonyE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:20 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:34
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
0c2f0105445178d89afd7a5f27b12705
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
185-59-220-198.bunnyinfra.net
Software
BunnyCDN-DE1-723 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:25
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-723
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
101ee1a295678eabeb2d6a00c336c7b5
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
adview
securepubads.g.doubleclick.net/pagead/ Frame 7165 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiID_6khbZfHyLqCV9u8P0-KMwAXNt7igdPrK3ZvhEafc_NDzBRABILqEwDNg9Y27gZgEoAHP6ruMA8gBCeACAKgDAcgDCqoEiANP0Ix7oVWwGojyPoEsglLlGRhnDTmzlxiRkpw-taje6FsrAlnA0uypasGwT8gcZKR21ONKJRuHdkkFyEI1dKKd6VjaneJwHxk9P9bTI5SU6UM5ehk7ZMlqwHLl1CsoL3K1KIGI_hybMqstJ9wcCuVsA8PeGDJKdetUoZjxbu6mJpbat742fWIyQwlKM8WvmQyTquomEr7NvZlpmqw8i3OicUz11d_7dJOXD4EAj3ln1bTrEFHxzgqjbnCcyUD2qD99LZ6UUCVFjVk0YT5Te5NKnW8Df30O9LSaUO7sC3ogIhZBxxc9ddspRifq0Kcjkkp7hW1eHkpqWcVGfVAgj-bqrcf9pASZfYXdmfESVYUDmzrQ1WncllpZzfWIVv_kEUK8f2uUWv-kOdv-hV-uAQDV23w2tJceSwjIjPgnDNNBWP_Iynt_fj2sDYOjNbt65BmI01zEcDQxkjZApJlpJS_dXXrLpNH5kAHp7VuymHS-jPxQsbvY1qzy31XTtORHg92Qp2FSMPgpG8AE9_PcspUE4AQBiAW3rJ7WRZIFBAgEGAGSBQQIBRgEoAYugAeT9MXdAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJXMBtIIFAiAYRABGB0yAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwmgl_aHR0cHM6Ly9mZXZlcnVwLmNvbS9mci9nZW5ldmUvY2FuZGxlbGlnaHQ_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1hZCZ1dG1fY2FtcGFpZ249Y2FuZGxlbGlnaHRfZ3ZhJnV0bV9jb250ZW50PTY2MTY1OTA1ODQ0OIAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEJCWkZuwuseTigESAgED4g0TCMDQ_6rC0oIDFaCK_QcdUzEDWNgTDdAVAYAXAbIXHgocCAASFHB1Yi0xMzI1MzQwNDI5ODIzNTAyGMqrHg&sigh=DxCvyRAMtG0&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNfcNUzOGhffng5GZCz54gjKE_jtmBeBlrnjypcdYaC3XAVjMvp_TypMmkJVgK4XhIL4XerKtXGAE&template_id=5000&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 0BA7 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
177994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Nov 2023 11:54:21 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A638 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 10:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 20 Nov 2023 11:55:28 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
3c4b7625ff2ea8cfda8ea6e357b51b50
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
track
t.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=169092&pageId=154680&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&hb_provider=prebid&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&env=js-web&gtc=1&gdpr_apply=false&gac=1&gap=1&ca=false&bsg=uncat&bsias=unsafe&pfid=68&gid=1103584&sid=174681&brid=7119&cid=1166310&rpm_reason=3&ut=1&p=VUpnQkykeBmy9oQg_j09DDjJv_Nm_O1y6DZJhYphryNbw5gSXrY071T-qu55dyLqApXm2QV_RUKVm7hN-9m19XfY&cts=1700481258795&cs=896892990760103347505&slot=native&fv=1289&ts=1700481261018&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C0A7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
9348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 09:18:33 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je3b81v9134755342&_p=1700481256110&gcd=11l1l1l1l1&dma=0&cid=861161258.1700481257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700481261&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&dt=%E6%98%AF%E4%BD%A0%E5%97%8E%EF%BC%9F%E5%8C%97%E5%B8%82%E7%86%8A%E5%A5%BD%E5%88%B8%E6%8F%90%E6%97%A9%E7%99%BC%E6%94%BE%E3%80%8011%E4%BD%8D%E5%B9%B8%E9%81%8B%E5%85%92%E4%B8%AD5%E5%BC%B5%E5%88%B8%E7%88%BD%E6%8B%BF3000%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7427
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bc0c2691-295b-455f-b4a8-adfc49545744
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/bc0c2691-295b-455f-b4a8-adfc49545744
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
b591af0f-ee0d-48f4-bc88-31ca5d9dcb40
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/b591af0f-ee0d-48f4-bc88-31ca5d9dcb40
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
fa10e554-6fb0-4135-b55e-d727fb8ed455
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/fa10e554-6fb0-4135-b55e-d727fb8ed455
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 14C2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqFa_gvfCeRprrUbENVVzzV0KLpd4mJ3qghx_5qx1Ina3zijDRpgy6Oq0dIzoboXcd-h5xu5JB8MmTpeffxsBdRQg4hEUFOss_2nGeUhRQ3dZdi7_kHeMyMgPdzlq-fAOgS6oxN74-G8gx4te1iEPqmFbuUCv-UZmL_o39UCBVwThieiA&cry=1&dbm_d=AKAmf-BiTiibF586Vs2ReZ5w7arPS1rOzOmLaQv88qYUOARuBPO5G4-zCMkIiT4eyPx3lSgIiTB5_VadXfacRbA7hO-CIE2eNWxx4Xq2g6XOKPLbLrMUZa_6disiPB9VFmcP0rn5BcUOkTuxE-feUTMHnKfjMyBg5A-q9k9q_pvYGqHuHtQEkW-uzeNtY3UJYRZP2d3SnazTYdRy6qoALisQQkH7Wg5VgoxWcv0lKoA_21sXl2eVLWCPSFtrug0VOEasnGDZO8hj49ZHY1Oe4p9yjOYwuxv0GZL9sGGO2KN9xcHnWSSWDYLevGO12hxAi-1DADXhAQbtWJZu0_NXEGeWu4RcHghQ6mAO58XDj2zAkFVmbDMtRDdpUFdhFh88fG3Cy7GAzMl3vhpYucT0WGHAxcpN9uGhszUFFoPaJjU-1Ft8mx3d2Uo2e_VCza7lGIRIiScQbK6WFP0yViF_tZHRguOSNyAEDIguWd5GInvN19KDkjiKVRmgpBu_DzfG4t0WBAT65ScC5vHhung6EweGZA4LcePoHl2zdF2bejm3NstkSXktMKR-g8ZP_7tR3IW9lYo7PQ8MTNKQUyvmu92zeLuScvuIA33pMjKJ8k7cOOMG8tl6jZcOynrB5NjriY99ms9ssTaD5rVDEd17oKbsq_beld3rU99EkljrlDpEC-9ezCaKEITakRLq6hTTiaEtBYGw4pZtEo0blCdB4IJUwZMwrAkyY9VdkaddXmLVsHkr8uI_BOhjBuFYl8s_BiZZ00I_COFopL91Kzg0MLsbN-_HXoMicfse4BkC6AT5mzs6IldsCuz6kctNAQqONmh7wKYNkuHl2hAaVI_w8cKNnm43tZ3OpJawiSB4gAH93k4NlVs8jp3mBRnkHkx9zk0KuZvTOjK3sQmfyKlGUAOe5xM-dG3sJsIpSncoopiXn6hV0QTwXigNdkUI_Cm0gYJ7Ag3S52a4iRaSQ6l5ICiGXzqydvl3SQGwg3NqLHaoSWidp9z7MKfHag-8m8JmSVsKxJylxH6Jf9hRVAL9nCFFTbbJrsVSHVGPIM9GOrsszF8ao_lSn0Ic_fS1UMjg5NSoJwVb7a1Fc3bIKyGidJ1DE1Igzcnyz7z_tBPfJUbIrCAg3PO4gacD86_Zm98ucPIC0tkSCgvTGwFeS4X4Fd7mBMMY6E22Gh1DsybfGO5P3XR_3ZaSGBNM7Wjk8KC3FQuVMlLo1s6wWDlDtLv4lurRsSo6ZyKzNo6N6H_7ex5_Y4zWUF2qI0dWaVs-Wfe-7bUbFT_AV5jO1UWffLBuJflCBUiuyDqWFjKf2QT2sTSvwkPQQLuqrOXHmlQjL1Sky4tM3gV1A9xBMsNn3jqQHazIzSlZJvvHV7u2ZY22RXIdjCJy1n7_eMrOA5Rcn10r1Ej4NCxXcK99WHM9mtF4REhNUnsGtHlAPeeLwQ2G8R5K68qwxeb7kkF6lqTwB3CodU14Yk6uPMv9e0wwknaVXn_WvTNoMZogwxaKJRfc4WMMXk7v2M_VVT_PaEPdC2DyqsOKj4etdUntVAUGYuGe2M-X63QaUvS1kThYYvgNrCyCKCRTSD-pvX7ayWu0d7qisQ4a2X0k2aRscHIwI0e2vTeDz3KzQWM_5N2ctCbljYY0BT39ndCLoYoFKI2_pKjXwUQMK2mSOk6VNvMnues7mv961ISlFPn1k-UkHUYmbafxyumG9PjdUaj3y-WZgAqNRyiwdgz8EKMCh2f0gxt92hRkUAC0PhdnVBgpiix95irVus8wf1sFrr6Gpa64OOcZSkgtfUzL1f606JXb29HcE2xhWBoBW0LyMr0pXI0Fxpk8lDdbSgC_XwKGzf0c4PfqYI7OGuy7-TOUmtY43lLrfCm9ud1Peq_RwvXGUiEL7uSwZItGkbuMNYylNoAr-IbcGhmWj4WwrkCZ5NLTMUAljIBZcA6zrKGNamXrshLIvAY02kb-KtEkYpmtV2K12MVyXP_ndS_nQcr8zbgTp24aaCLUWRh996kgMO6tz-LRZ0OwoPKF9V8SjyNoZk0DTVTWKzGseB5RVW-ydIcZXTUBcPQSXunXGvAy4BTDBQmgmGDOONEytI2mudSO_vtdnLvvu0_WMJ0DjBeHyMWcw6BNKhEACDKsFbRaZg-PBQ22vPrE5i867t9yD65E-IyIvC3nMtDHUO-uL0FEQIO_8rmZRh8xNz7x0-4vl5GCxQRfWQLElcmMSst9ng20qxtkK9gzlVytojQYFYHAuDSeFVbRX7R-iBV8ZUdoVcJ3QvydzFncajDbigfUrZDzfeSrU2a_4byRTp9vP8vDakp_XZqIAE_LQeHpnR3sQU_rtlzw83qDBL_SuS_lY1Ex6NwULOidr4liHgtKZxhh7ZhofZAoj54hYC9-rUqvOG7JDDpYaUxGErFaIzfpwpWzDmxPc0V_ePF8htKutHplmn8YeCcC_acQ3Rw0XpZVHLEDOEKHUZxV0Hf0-FIRRj26D2hpKCJh2mGbH4-0ctIKyNZFvbAR6Wj_PtjJ39UMMiA2TUYrAKg52v1cELOEBIZ-smEBEhb6s-yiNO6YM6vltIGZpyh6ZfrR9E2CJ1bOgDyvmgll_fmEDUrZwIg42vZhKOo4X9MY0H3RmyDKfl1OJP_lUzy5sf6nJ6DS77poClC9Avuv6zPz-ulqRcYJGPB2xtKPD4qF7PyNPL1zGj_zoXoacdCwpAbja-VRuwG_xpmIZ0A3RXnhIkz7v5TtTcV82kF0YYhoz9lUJ0aIFwuN1uKMb21iqfgBZUzfXsE66YGSTIJOLU8b8kWMln5O719Dep3KmvIIsg1C-NanJuVtopC9U4UJwY4gpX0GxIxifCg7aaMunPYKmnhvkb3LmUIMvWqr072c8jTPUMtID2trVgV-ZmxgfGAzf0m2BsKrUt7UclX8r7Qfgmli4UbmioJVUqJPoZAo_jrQO4aGuA1MrwHS-W50fA6iFKj-j6D2V8w1Hwu5IOCpHW_-IKUQit_q0KDotFspQtxKRdIaBPlRQuV_g4FO8evurGxrxXAvZRWFHLkeojyBa0MduYXxIh_EODq30Wmm4cyLGVSpArtd68T0n1fHwmIHcyUIcknRxL-5YzMOfkh9VWVAKZRqJsSO7WSrOmWhhU0DegAvSkevBL1Vbto77FCtNFKQGxSUEzoRzU-YU7D61cpzM7EY5Pg_1M0dpGCVN_TVJ8G9_wxZIY8fWj0KutEBsf6zILtUdNY8KHlZavDLxBTrJcg84Rnc30aD3hMYI_JEhlG94E3usc6qEEx5U3QwtWYbzzNat60gkjFaS4lI2S-9DuVc47Rp6pkydCMUgQ50k6h33a5_TcxaoTUH0PxkJWXSj9WQIymHQb9hl_wggBxsdyqHW2s5BEg95vOY1-BzuOwrZTDh8ps_Upzx8bk_jx3BjvqGQTs8Pa5m2SI-Y3dzAGj16yvE_F2-9ClQqSDd9BXpNtn_Us3a2oMW1xP-1XuLh8C4-NvRgW1_es5yk_y5JDwMz7RyA32IbdXCus91cwIggpgbGHeRzw50tdLpqL75Civ6Kx1fYM_g3jPC-pkuRUL0n6a7XS0fKpoim3Uumll-7qKAj7JJsMyh2IMt_TR0xIAWMexwcNyG9AsH3X6YszKA4R9UkVxhrRplSoUgn2DKLT0hgR8BUQyy-SCPbC6Nya8kXUFPbKIXWKSekqLg9Y1Lno-Naozz8sLC01U5iwf8OV36-Da5Rdy3RrkVVLCo297jWLtk1OHxDvEtryf9P_a8PpddRqE-2a2HBxWNg6acLQo0rbvgeKJK307Yyoke1Wk9hU88WHqFP0thkqI4kXTi60qN5U0At1067W0OwBiSfpRhR68O3h8174pW8YAkh5io3i95YEdbmvgPMZt82EJSEBDnkB07uR3I_e2JMTmAZ3k-JnVuQkBEIiMfjp9eb8YbDM3r8_d_Y4U0lvUsHKaz5K4i5PEJcjC7BI-O7me808YfwyzwhGed0Na23FNVvuasvw&cid=CAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=6533425844348239000&adk=3676778483&idt=107&cac=0&dtd=45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
219611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDQ4MTI2MDcyMjM1NQogIHNlcnZlcl9pcDogMTI2MDYxNDY5CiAgcHJvY2Vzc19pZDogMjczNTAxODc1NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 14C2 		0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDQ4MTI2MDcyMjM1NQogIHNlcnZlcl9pcDogMTI2MDYxNDY5CiAgcHJvY2Vzc19pZDogMjczNTAxODc1NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxODU5MjQxNjY4OTQwMzg5Mzg5CmRlYnVnX2tleTogNTc4MDc3NTkyMjQ2NDc2MzEyMwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjAiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjA1ODkzNQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjI2NzkwMjA5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE1Mzc1NjM5CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xda9de688f944e2040000000000000000","13":"0x4cb03e810d1941e50000000000000000","14":"0x96bd9144510d405f0000000000000000","15":"0xf7ec02a7ee5236a90000000000000000"},"debug_key":"5780775922464763123","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"1859241668940389389"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 15E6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQn0qR4GLMP1pfmJ-9AdHyqLg71FwlFJMxjVNNETIDroR8kUUYvn8v2r_1u7L_zjS8YD9WzdR-RxLLrlZknejSZwmGJd_-QDpF58T8hyo4fud0spDQwVe52_u-LY1wdCCBf1kNGec4eM1r_KqyFvecc6AzOugMcx1pFI1-vWFLy6Ulltk7764bs3iSFSbYdfHGlM4U3eI9BETLb8KpMO6_AsZWUHegILazATBrawqMHwpI_RsGkwK6KgRf4G-DDqDIl1GGPDuTQSRi97USQ5AbPOeHiADPR-79nN_fQ1PDaN7U9z_uXfSmQH525xufVoBqVRabtGfhHNrLNks95abXB2jIjOiR9qk&sai=AMfl-YQomnc7igsbiihz6_B8fH3XqSGe3ieXFauyRP7-qZ5bwkTVnaeTPGtebHZla5CYcqjdVcyMkDCjRMn0yNoKhaMhh5ORxBc3jkXUAOldxKqPCI6zTi0eWYWgQ7hRLQ&sig=Cg0ArKJSzEsMI4xwBWNQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 20 Nov 2023 11:54:21 GMT
iframe
sync.teads.tv/ Frame EC6A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
fc0fe552950cfeac25f1bb699901c19ae355aef2bb7a8e46fb26db6814593654

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
722
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:21 GMT
expires
Mon, 20 Nov 2023 11:54:21 GMT
pragma
no-cache
server
pekko-http/1.0.0
vary
Accept-Encoding
track
t.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&gid=1103584&sid=174681&env=js-web&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pageId=154680&pid=169092&hb_provider=prebid&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&pfid=68&f=1&slot=native&fv=1289&ts=1700481261168&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
performance-image-dco-14648014-a7bd-4daa-918c-76e92e2cad3c.jpg
s8t.teads.tv/creative-bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79/ Frame 3FAF 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79/performance-image-dco-14648014-a7bd-4daa-918c-76e92e2cad3c.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
81e6954871128dfe186d20bac99ce14914ea6097f7bc0865bbb39bd87f846fb2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
x-amz-request-id
3K0NM728SC7PJB18
x-amz-server-side-encryption
AES256
content-length
128095
x-amz-id-2
E4MALR/9BOWHHC21/gTlW1amWubZ3LSnt1zFBjROoirAqOh6BzltxoU3UTRFlQZqny4l/movhvQ=
last-modified
Fri, 20 Oct 2023 14:55:47 GMT
server
AmazonS3
etag
"6ba3e77b0a16559d13e02f2502a6b44a"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 19 Nov 2024 13:01:01 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 15E6 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/flavors/native.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-14.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 10:52:32 GMT
Server
UploadServer
ETag
"fff76fc0b5dacc1c5152e610c39dacdf"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3639
Expires
Mon, 20 Nov 2023 12:09:21 GMT
track
t2.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=impression&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&gid=1103584&studio_cid=bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pscid=20204&scid=7024&pfid=68&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1700481260779&cid=1166310&pid=169092&erevenue=doyCV_3aOkrbm9v_JqrlOojy&erevenue_curr=CHF&fms=9&p=eOUErQu9j7iFjcaNdLg_OYs28QHt-BvsJajQ_LKs8Y_CD__Gto2Z4JDDbUaQA5pU-stO2wr40EmTWvJkmk_4l-tXh-NToRvAZQvXSk9ScajlWdcXZ1X6lSTRxp91LtOglGYcb3k0q6s4oF_ySR832s26vvcQ4B0gED_xop2zPfFlVaKej3Hx-oEJzqMYA92RP42U8aDucBFLBVamjp0JxD2aCBjGL9s6o7Cif6osaAr_q9yLxXrNiSKWfBmlL0QQFhE5H9Mt-sT_zVnV-N1XIigQgJKXfkmpmBDGLAXXwSCXPP3L1NiioPsemHKTP3lgqZOzSyUTGUUfEv9XwDV0-eBTi_iAzpwcDnPxBEy2h-96cBWUKGQF0Ptz0AmwiMF5E7c&cs=729435483126043635605&slot=native&fv=1289&ts=1700481261191&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
B30857771.379386518;dc_pre=COrhmKzC0oIDFVeXgwcdrusEXA;dc_trk_aid=570606495;dc_trk_cid=203641274;ord=1700481260778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_cons...
ad.doubleclick.net/ddm/trackimp/N1003055.279382DBMAMQDAIMLERSWI4/ Frame 15E6
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1003055.279382DBMAMQDAIMLERSWI4/B30857771.379386518;dc_trk_aid=570606495;dc_trk_cid=203641274;ord=1700481260778;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
  • https://ad.doubleclick.net/ddm/trackimp/N1003055.279382DBMAMQDAIMLERSWI4/B30857771.379386518;dc_pre=COrhmKzC0oIDFVeXgwcdrusEXA;dc_trk_aid=570606495;dc_trk_cid=203641274;ord=1700481260778;dc_lat=;dc...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1003055.279382DBMAMQDAIMLERSWI4/B30857771.379386518;dc_pre=COrhmKzC0oIDFVeXgwcdrusEXA;dc_trk_aid=570606495;dc_trk_cid=203641274;ord=1700481260778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1003055.279382DBMAMQDAIMLERSWI4/B30857771.379386518;dc_pre=COrhmKzC0oIDFVeXgwcdrusEXA;dc_trk_aid=570606495;dc_trk_cid=203641274;ord=1700481260778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3FAF 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
8w7qrx09r0fs
hal9000.redintelligence.net/zone/ Frame 14C2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/8w7qrx09r0fs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0774d72fa3e6e51cb2d73ae522548a82a7381438cf787f160ee28f01b243e149

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:21 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4268
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 21 Nov 2023 11:54:21 GMT
pixel
cm.g.doubleclick.net/ Frame EC6A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&_t=1700...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGFkZGU0OWQtZGU1YS00YjVkLWE4MjktZmFlYmM4NmQzMzVj
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGFkZGU0OWQtZGU1YS00YjVkLWE4MjktZmFlYmM4NmQzMzVj
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGFkZGU0OWQtZGU1YS00YjVkLWE4MjktZmFlYmM4NmQzMzVj
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 20 Nov 2023 11:54:21 GMT
generic
match.adsrvr.org/track/cmf/ Frame EC6A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&_t=1700481261342
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
um
sync.teads.tv/ Frame EC6A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&_t=1700481261342
  • https://sync.teads.tv/um?fp=1&eid=80&uid=cf3e3e33-bb23-4edf-a138-da3a704b9cdc&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=cf3e3e33-bb23-4edf-a138-da3a704b9cdc&gdpr=0
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 11:54:21 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=cf3e3e33-bb23-4edf-a138-da3a704b9cdc&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
897400
content-length
0
expires
Mon, 20 Nov 2023 00:00:00 GMT
um
sync.teads.tv/ Frame EC6A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/8adde49d-de5a-4b5d-a829-faebc86d335c?gdpr=0&_t=1700481261342
  • https://sync.teads.tv/um?eid=132&uid=y-FAjcWzlE2oQofoj_mpv_EHrO.N.ZRUVEi1M-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-FAjcWzlE2oQofoj_mpv_EHrO.N.ZRUVEi1M-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 11:54:21 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

date
Mon, 20 Nov 2023 11:54:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-FAjcWzlE2oQofoj_mpv_EHrO.N.ZRUVEi1M-~A
content-length
0
/
loadm.exelator.com/load/ Frame EC6A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=8adde49d-de5a-4b5d-a829-faebc86d335c_eu_ch&_t=1700481261342
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame EC6A 		62 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=8adde49d-de5a-4b5d-a829-faebc86d335c_eu_ch&limit=1&_t=1700481261342
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 20 Nov 2023 11:54:21 GMT
content-length
62
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame EC6A
Redirect Chain
  • https://idsync.rlcdn.com/474599.gif?partner_uid=8adde49d-de5a-4b5d-a829-faebc86d335c_ch&_t=1700481261342
  • https://idsync.rlcdn.com/1000.gif?memo=COf7HBIzCi8IARCzmAkaJzhhZGRlNDlkLWRlNWEtNGI1ZC1hODI5LWZhZWJjODZkMzM1Y19jaBAAGg0I7ZHtqgYSBQjoBxAAQgBKAA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAaRv-E1YScBpMXo852rzmU&google_cver=1
42 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAaRv-E1YScBpMXo852rzmU&google_cver=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAaRv-E1YScBpMXo852rzmU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame EC6A 		43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=8adde49d-de5a-4b5d-a829-faebc86d335c_ch&_tid=8adde49d-de5a-4b5d-a829-faebc86d335c&_t=1700481261342
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.223.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-223-197.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame EC6A 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=8adde49d-de5a-4b5d-a829-faebc86d335c_ch&_t=1700481261342
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.208.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-208-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n012-dub-prod.krxd.net
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
private, no-cache, no-store
x-request-time
D=58 t=1700481261
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame EC6A
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&_t=170048126...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=8adde49d-de5a-4b5d-a829-faebc86d335c
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=8adde49d-de5a-4b5d-a829-faebc86d335c
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Server
34.246.188.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-188-97.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Nov 2023 11:54:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=8adde49d-de5a-4b5d-a829-faebc86d335c
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Mon, 20 Nov 2023 11:54:21 GMT
report
sync.teads.tv/um/ Frame EC6A
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OGFkZGU0OWQtZGU1YS00YjVkLWE4MjktZmFlYmM4NmQzMzVj
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&fromFormat=true&env=js-web&hb_provider=prebid&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&viewerId=8adde49d-de5a-4b5d-a829-faebc86d335c
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 20 Nov 2023 11:54:21 GMT
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3794 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
335376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1700481261503&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=148380820&pt=557830503&tz=60&viewable=true&ddast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9b88712930f2bc5fbd6b81e93c3397a65454686156e208501ded83c33ebd6ef5

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1404
x-cache
MISS
x-served-by
cache-vie6362-VIE
pragma
no-cache
server
nginx
x-timer
S1700481262.516878,VS0,VE41
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 19:01:47
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
0e3f433232756035cecd75e1c26c990c
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
request.php
hal90008.redintelligence.net/ Frame 14C2
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6478889498877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
HTTP/1.1
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
aeeb4f76b26d9f9ed27670c20d654ec9121ae02f613aa8f4fffc9fa8d3e25fcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:21 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
55866900078198704438458012514008
Connection
close
Content-Length
866
Expires
Mon, 20 Nov 2023 11:54:21 +0100

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:21 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6478889498877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Mon, 20 Nov 2023 11:54:21 +0100
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-164
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
4fcad3eab666d626e8da075466f0df0a
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 3794 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
9348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 09:18:33 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 20 Nov 2023 11:54:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
203549
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
209223
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3123c7754c686dad6de439180c9c086abaee0c2a036052d203f298a0dd96642

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 20 Dec 2023 11:54:21 GMT
isyn
prebid.a-mo.net/ Frame DADC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 20 Nov 2023 11:54:21 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
csync.smilewanted.com/ Frame CAD0 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f6dbe26229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:21 GMT
server
cloudflare
vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame 50C6
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
56807ae7aac78c855f7eed7005224467a9aceadd4650ed1435d159bd0ed7fd7b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
415
content-type
text/html
date
Mon, 20 Nov 2023 11:54:21 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 20 Nov 2023 11:54:21 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
checksync.php
contextual.media.net/ Frame 0A4D 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8529
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:21 GMT
expires
Wed, 22 Nov 2023 11:54:21 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 81CF 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:21 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0794 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 20 Nov 2023 11:54:21 GMT
ETag
"623de86a-cf34"
Expires
Tue, 21 Nov 2023 11:54:23 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A27F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700481258438
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
c67b487140ffa8908a362ccfe9c38c9f2f909384357774e91224a74075d78df8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1408
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 9748 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
828
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82907f6e9a54697d-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:21 GMT
expires
Mon, 20 Nov 2023 15:54:21 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 210F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
11235
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 20 Nov 2023 08:47:07 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-id
zEiTf6GUBumGdd98mjgD_uNxeFMv3EkbwyTCLu0lsyjXdUI_Ps3SjA==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame 810C 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:54:21 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 810C 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59420
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:24:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7165 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugYmPBT1mFFDmyfwzJ5jIHndIYesZkY066jEVhdw5ldMBO6_f8B6AsietrmaXqk9m2HZ7euDkWFrs90ZduOjgXM27FI5OWTNDG41627T6kuUtMANQ6huSXbhQ_3itxWpH7z-x8NW1diQ&sai=AMfl-YT3fDqS7K7EdTlwUIMp5SE14EhFPhLmoZ2oo4mccmN_tr5dBcTmS9X0jV3Yeb46xHRsoDHp_Xsqho0YUsYQseM5qE4IJdTksHPElZQvPkYejAZtaL8OHFa8U6k&sig=Cg0ArKJSzLM8_yWw0rGGEAE&cid=CAQSOwDICaaNfcNUzOGhffng5GZCz54gjKE_jtmBeBlrnjypcdYaC3XAVjMvp_TypMmkJVgK4XhIL4XerKtXGAE&id=ampim&o=236,60&d=728,250&ss=1600,1200&bs=1600,1200&mcvt=1060&mtos=0,0,1060,1060,1060&tos=0,0,1060,0,0&tfs=1144&tls=2204&g=100&h=100&tt=2205&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame A27F 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x3 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:22 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x3 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 20 Nov 2023 11:54:21 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A27F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame A27F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5727349930025682732
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5727349930025682732
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
an-x-request-uuid
687bffd6-3a46-433b-83e5-91f7cec6c8e8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5727349930025682732
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame A27F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=89559b98dd2b11e3937e6453dfad7ac7&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=89559b98dd2b11e3937e6453dfad7ac7&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=89559b98dd2b11e3937e6453dfad7ac7&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700481262577027-423
tap.php
pixel.rubiconproject.com/ Frame A27F 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A27F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU4UtLh8nXUE6x_QTNFjr_fnQceKenGQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU4UtLh8nXUE6x_QTNFjr_fnQceKenGQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU4UtLh8nXUE6x_QTNFjr_fnQceKenGQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame A27F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame A27F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame A27F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KJKDK3MDHT9KJPRNGSPD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame A27F 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
content-length
0
/
onetag-sys.com/match/ Frame A27F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame A27F 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame A27F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame A27F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700481258438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.8.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-8-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame C0A7 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?k_HxzA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dv-measurements4951.js
cdn.doubleverify.com/ Frame 471E 		424 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4951.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-14.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 10:52:29 GMT
Server
UploadServer
ETag
"b47e628f652d93d0e7ba169948af091c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102052
Expires
Tue, 19 Nov 2024 11:54:22 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame CAD0 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1576475
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
82907f706994229c-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
bounce
ib.adnxs.com/ Frame 0794
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
an-x-request-uuid
0a9f274a-b681-4652-a742-b9eac683beee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
an-x-request-uuid
db8888f6-948c-4a1c-af89-a587e7490166
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 50C6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbwZzaboGQvx6AwMZboMzqVoDEvm_08MpP8Kws3
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbwZzaboGQvx6AwMZboMzqVoDEvm_08MpP8Kws3
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbwZzaboGQvx6AwMZboMzqVoDEvm_08MpP8Kws3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 50C6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4117521118395718454
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4117521118395718454
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4117521118395718454
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 50C6 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=f183d7e9-05e5-8006-bdf1-45e50ab9be6d
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
79GXEPPRXKNVY3H6MZMZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 50C6 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a955ab94-194f-3bfc-7dff-c772628a758d&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 50C6 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODUzYTc4NWUtZDAzOC02NTU4LTY4MWYtOWRjYmE4NjhiYmVk
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 50C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBHhuCUauyIKFBtYPjCJ8uI&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBHhuCUauyIKFBtYPjCJ8uI&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBHhuCUauyIKFBtYPjCJ8uI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13926
g2.gumgum.com/usync/ Frame DFD9 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.158.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8d16f32e1e2707c58c3e4b4a24a77756f79c722c68b759c13b1790f994bd2f36

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 20 Nov 2023 11:54:22 GMT
etag
W/"019c1d511082def1942fa404dc0c1110d"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame C8AB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
40a699c63f73838459f4896ad63f9e9d5e76fcc99dc498ec961553c2db227a2e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1430
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 99F6 		904 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d9c53fd4e9b36e61902e61a094a46bc12afc3c9e05915b9c7567f424e9ea5d77

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
904
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E141 		2 KB
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4953b30e9b07322febf7b0996a8f2959f8271f4daec7c1e09519039201b475

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82907f70bb940246-CDG
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGNFgOQKqIxUR6AG6KXHfbdty4lwXsGf7uhMjusZi7EBC8CGJXr5HYr7jtxQkY2P8jPn6Xdy6WKVycUrKVITKjfhAt1QT3mKsLwdR5eqy%2FoydliZFfiFw7HPMKwBY%2BFONocdCGhEQL8pCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E0AA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:54:22 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Nov 2023 11:54:22 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48C6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128967
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
Tue, 21 Nov 2023 23:43:49 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 64D5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-67.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
9d9add773f436bfaa6f493d4718dbffb1d92b8b53f6399bbb5e7dc8ba494c226

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-id
moLM8ij-MImb3y04nm52Lj1CFpia3OCQD56W7NNGweLKhifoMXSXgA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 0F43 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 20 Nov 2023 11:54:22 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame B569 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
c9df1483efd0368918ed03e1d8596badd7042971f044654e9bbcb3a5db132606

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=7474076783371387213
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7474076783371387213
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
an-x-request-uuid
f4a4d0d0-700d-4c25-b98a-33b5296cbada
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7474076783371387213
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HsAqvRZHqZL_pNejT3SGL5gs
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HsAqvRZHqZL_pNejT3SGL5gs
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HsAqvRZHqZL_pNejT3SGL5gs
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 210F 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 11:54:22 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700481262602
  • https://ad.turn.com/r/cs?pid=45&rndcb=8535608598
  • https://sync.1rx.io/usersync/turn/9008654770673040851?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf6121b9c7255429eba893ba03e08ed8e003
content-type
text/html
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210828243336249
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210828243336249
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210828243336249
Date
Mon, 20 Nov 2023 11:54:22 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 210F 		0
0
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Mon, 20 Nov 2023 11:54:21 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-21bf0895-e317-3c53-877e-44c5746bd37b&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...
  • https://ssp.disqus.com/match?bidder=34&buyeruid=GDPR&r=Cid1YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0yMWJmMD...
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00N...
  • https://ssp.disqus.com/match?bidder=29&buyeruid=8S1oQI9hAMEP&r=Cid1YS0yMWJmMDg5NS1lMzE3LTNjNTMtODc3ZS00NGM1NzQ2YmQzN2IQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-21bf0895-e317-3c53-877e-44c5746bd37b
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-21bf0895-e317-3c53-877e-44c5746bd37b
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-21bf0895-e317-3c53-877e-44c5746bd37b
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:24 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 210F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.51.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-51-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
sync
ads.servenobid.com/ Frame 210F
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 20 Nov 2023 11:54:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 20 Nov 2023 11:54:22 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2837 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd554a8804f9ebf7aa16382a25e67530cf822abbaf722157f2ad3a858151c71d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82907f70bb950246-CDG
content-encoding
br
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXPzVUFve7b23aOsxKgxJGDENRxC7fSkC0i5CUJQv%2BAGynLppo3j%2FD1tgV4gQ2f01089KoqndWjqsIuQJrA1p608%2FZog2DTdZ2I0OIA93LfLUF1VlJTZuykgewdqQ4tX7DIMipAJik5CpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-51
cdn-cachedat
10/31/2023 18:48:10
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
283c7446283e825a33104f2daae7d6f0
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame 15E6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJJz6d7ALAa51si-mLQAx3XLmijnydJTwfLc0_oQaeqe4YLhj8mdMONrlqzU8bV6z7acngNJoRyXJ5NEOk_T8QNVtCoUhn1dvZ92ALJebo4Kz0ikUuz_NmARIcKJhuzrAXs-1e4jq5mw&sig=Cg0ArKJSzHTp6OIna3bYEAE&id=lidar2&mcvt=1033&p=1110,436,1200,1164&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700481259728&rpt=1425&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ztpv.php
www.conrad.ch/ Frame 7896
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=55866900078198704438458012514008&pv=1
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1700481262_8b6cd470-879b-11ee-92fe-22394270969d&insert=AW&gdpr=&gdpr_consent=
0
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_414915_1700481262_8b6cd470-879b-11ee-92fe-22394270969d&insert=AW&gdpr=&gdpr_consent=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6478889498877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
cf-ccp-worker
HTLPHandler-v1
cf-ray
82907f755e686990-CDG
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Mon, 20 Nov 2023 11:54:22 GMT
Location
https://www.conrad.ch/ztpv.php?awc=11467_414915_1700481262_8b6cd470-879b-11ee-92fe-22394270969d&insert=AW&gdpr=&gdpr_consent=
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
cshow.php
www.awin1.com/ Frame 87DD 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=55866900078198704438458012514008&pv=1
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6478889498877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:22 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
request_content.php
hal90008.redintelligence.net/ Frame 3756 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=8w7qrx09r0fs&nw=20&renderingType=javascript&namespace=0dd2f4d6c8&subid=&uid=25a8874c5eb39f7b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwEnL60hbZcWyOr-r5LcPrfjQ4QaRwdCbafvwg5LcD_AuEAEg0syBGmD1jbuBmATIAQmpAiZpx6wPULI-qAMByAObBKoElgJP0NgrbOyuQ60rB_wNwTfTZR2rN_fcGEitpwoDw5hMRx7WWXTwap3VNIDtGVmgotQBFWcLgGSzuCkH40R0lFZmG_YZufczacUboBpHZTL8MJz-7Hc4g4QuyWuQ_9q8qSyNhyaX692U0F5zkOEjHd5rBLpH7MxjJwsqXDRcjIFmVQ7Qe_59odV5nBk4eLdsslRlw9HNg1HFjfi-jyhzfvCfq3ZphmABqNYTElppIsAe1P7iqZtn4M9kRP1U35LHb_g3OTafki1e3Fo3joaWdZfQdfnL1Jz0ATUUW-taci50lATnbsLg56Rs2mU5h1m-JkEWZltgIJzJ7Uzf1c7-LHwTGISpbKlRzNdtz2vaz-aTKgCJ2Fv2KsAE-saLjvwD4AQDiAXB3qL4PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXTICigI6AoBASL39wTqACgOYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNmysRusZAEu-XEo3_JuxlLDBjAI2tqMuA54kURRXVCJqyhEEtEOgDZpP2NL8pdEIGcoc8YCmfGAE%26sig%3DAOD64_1p17xf7CDN1bdGS8N-qt1IQBu1eA%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-CgF3NTL-PMxINFonkbyGfWpdAzRXLj9NLzLyAcBQaIgpYU36MKZOx-aptP0xkNOMcLKTs5akKpjIrVChaAVqhyJXjaD6MlTpPttIGlJDIwDE4nwsSgU8sua5CWCVRCSkq783Ce7SgpPutgwThh18t3xOrcbfEd-EunYvbuLOAA_x-UpmY%26cry%3D1%26dbm_d%3DAKAmf-C0eAuinIXbYlms1uh0eEtCJzmlKQKGQdpCMF6DPb1qPZkwMH-4BAcKxIqP9sgHyBwlrfhEg9VD2nMmIl02h67LksZonuFGqoFsmYr20I_Ri-OdK0BDyX67sdnzNXuRUwVzRAkGc7BX0ei-StPoUoQ1lmGV4KxPfJ6aE2MuhjjZIRp2SFfI-kxPqq7APueVoXjCluXfRNXSaav5rdP-u-u0ksSqCXpwsjbu2BbEh9UpUGFNa504wZabHOA7M4hZN2uMQXkb4SqdcIsp7-0UqXEI4muqHP-hTQr6CkZLHbsfT_X67tqL9GXHWCWn8ZVnnnX4HeGiG-MeXRfoRv7krx19xNaz4g-sTsRxF4lKPUEhd_L2sPx7mfTMNem59HhFm-hP-Jk5-Rj2oFYyfShKOajsH4QuaveijlMj8vHylcC4JB42SBGQsiA52R-t8l770c5VK9bEbI1AjwokNmsIGN0dGR8Q5a_Co9tbolG9AUugVQFgTbtsyq7YVAqsEMfNYEPG1Dh3uF2rsU1EGaoN_141g9TDb8w3sajp3TL_1iUJ9SkIRNWsUd6YnSoEDJkLWkYAIgjrAAcrTQMAVs8HohSYRvo_ioIv_LpNv_bf3PGWqZFSeVs-HWb1FRx8ZKk4gcOU57ImVx32fUfXCkx0ttztvDm0LAjWe6JqQ9p4NTWKlpbi0W0%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=6478889498877&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
afee4edee69477bc19f5e45c258ce67d8e79b05432d26c117ff8c100004aecc2

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2197
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 11:54:22 GMT
Expires
Mon, 20 Nov 2023 11:54:22 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
impression.php
t23.intelliad.de/ Frame 14C2 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1700481262&co=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.152.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-152-190.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t2.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-1&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&gid=1103584&studio_cid=bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1700481260779&cid=1166310&pid=169092&p=jdY4qXLRQQetghOZkjm8b4Qred3BPZXDt19fNl2SFUhiklOaq2bM8M-t8nZ0SjIaLqng54xv3AZGkKDIMD3wM2uxTeOJIsK9t4MlGg_SCHlK8Ugno_wr64IPurlec39oEOjZRtQdZ4_668NZP4-pZmv6Oaf8VCONP0qeASTsXy_XxDVuh8hH54Z8TP1Xd_MSey_nU5mQwTxymdlfvNn9Jn_ycmNGJTADW0ZldYBQT4B1cnh1bGJ7OD-i_u1Nh8GwJiu-rBnvY8jR92h_tqhHA8SixNrB83iBhpYuOFgIv7j3UBfbA0Zxse08gdV5NGLoKPsC1mk-IRK6supDrMi62jTpPRUgEPwEpptYqGQH_tuIQtABqopv5-gZUHpxEAZTaCU&cs=-207840569652601312305&slot=native&fv=1289&ts=1700481262214&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 54F7 		1 KB
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
8947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 09:25:15 GMT
etag
48472445140208031
expires
Tue, 21 Nov 2023 09:25:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 14C2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e78c151c3067b2ba4515c931bd4c6b3facacea184113293cb542340bf630d9a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
drop_cookie_sw.php
csync.smilewanted.com/ Frame 805D 		0
317 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f722bb9229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:22 GMT
server
cloudflare
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame C8AB 		42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C8AB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU45G_VKCNOgu4MyNmZT-OT1Q29jq7gA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU45G_VKCNOgu4MyNmZT-OT1Q29jq7gA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi-yU45G_VKCNOgu4MyNmZT-OT1Q29jq7gA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
img
sync.mathtag.com/sync/ Frame C8AB 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:22 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 20 Nov 2023 11:54:21 GMT
/
onetag-sys.com/match/ Frame C8AB
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LP6UMWJB-1L-S8I&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LP6UMWJB-1L-S8I&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LP6UMWJB-1L-S8I&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
/
onetag-sys.com/match/ Frame C8AB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7474076783371387213
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7474076783371387213
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
an-x-request-uuid
dec32231-84ea-46bb-b176-70de246ad615
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7474076783371387213
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame C8AB
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700481262563087-369
/
onetag-sys.com/match/ Frame C8AB
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1703576616450435731
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1703576616450435731
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1703576616450435731
date
Mon, 20 Nov 2023 11:54:22 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame C8AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame C8AB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SUNmv8MeOZzj1OURt-HXkjbLM8kO2PZ9r3sKMEFFPnI
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SUNmv8MeOZzj1OURt-HXkjbLM8kO2PZ9r3sKMEFFPnI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R7JFC38N1CFEQSM5SX2J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SUNmv8MeOZzj1OURt-HXkjbLM8kO2PZ9r3sKMEFFPnI
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame C8AB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE4MzQ3MUEtQUU2NC00N0YwLTlCRUQtQTJFNEJFNkE2NTRF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
date
Mon, 20 Nov 2023 11:54:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame C8AB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGNoWy_Cq1Epn6j2pVCflZw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame C8AB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame C8AB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame C8AB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame C8AB 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
52154.gif
idsync.rlcdn.com/ Frame 2837
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f87a751a0d4c4ec99feb3fc873cbf8f1
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f87a751a-0d4c-4ec9-9feb-3fc873cbf8f1
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=85718b52-9398-4014-ba2d-4404aaf88991%3A1700481263.6458466&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D85718b52-9398-4014-ba2d-4404aaf...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831084973692&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D85718b52-9398-4014-ba...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=85718b52-9398-4014-ba2d-4404aaf88991%3A1700481263.6458466&_=1700481263.6475616
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7474076783371387213
42 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7474076783371387213
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:24 GMT
an-x-request-uuid
137558bb-e9c3-4a48-a117-b2a7ecd3ff9c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7474076783371387213
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2837
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7474076783371387213
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7474076783371387213
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iIWhsHQOgjtxnSECsMPHAJUreqYL2qkYJeGhKKhg13N1E%2Foa6%2FE646aWS4m3F%2FaxHqXAOv2A9GOACt4Xljz6GRmbHg%2BZkC7Ua8hag8qj6NAyRAV1zWlGEu8aVzqtiZ9xmsLP6J5OMBiZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f73ff970246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
an-x-request-uuid
e0ef7ed6-6bca-4d4a-a636-b07bfaec9c39
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7474076783371387213
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2837 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.107.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-107-139.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2837
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
34.250.107.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-107-139.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 2837
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wySDZwbpDZebyCTuxZvKHwLiEheE%2B7CTCifE43xGO4qHmHns%2FrLOW8T%2FJT%2F2vd%2B42FcmjzOd5VGmDEJxXriVJEr772RtCKhd80DkR8P60aOoyjyA7cEgYD7%2BglbLW8QFgszgt4A4ML0How%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f794e930246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
ix
ad4m.at/ad/sim/ Frame 2837 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame 2837 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MWMTZ8H1WNJGNTP0RE1K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2837
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UnXRTK0nUb9TuntEpBAV0VXD8Bw
43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UnXRTK0nUb9TuntEpBAV0VXD8Bw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y9%2FbWcFWC5AgXV%2F0Z8EnCvgGY%2F0kTso25bLtt6KVK6exNoSgLm0bsvqgfQLaVfs4fbAgZi0zRqseq1bfa9cNIfzbT%2BDuyk1a5GclCQtc4UvHBQqMm5UrXgvOu9nyqFKDqQH8t1KmdtNxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f794e920246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UnXRTK0nUb9TuntEpBAV0VXD8Bw
Date
Mon, 20 Nov 2023 11:54:23 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2837 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVtI7K260X9zfc-X-dAvRwAA%262205
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
29314
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82907f733e8c697d-CDG
content-length
43
expires
Tue, 21 Nov 2023 11:54:22 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E141
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECiLWZN5L0sH2bqDTns1V_o&google_cver=1
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECiLWZN5L0sH2bqDTns1V_o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw%2Fc6xyqgw7UpO8kWLQE0%2BLrIc243KS%2F4CMeCcrLIa%2BBnwBgp8ny%2B4HIOd8nF6sC1lUHyYm6na5qjyZLYTT%2FeZseQEW1PSplkWWJvVDMUlZ0pOQl5qc3fMBvbvalnVWwqNqzEyiZjyQExw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f733e940246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECiLWZN5L0sH2bqDTns1V_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E141 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GDPY84VEQ4HK2A47EAQ1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E141 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame E141
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVtI7K260X9zfc-X-dAvRwAA%262205&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f5a99019b750448fb580ed10ec55d97c
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Mon, 20 Nov 2023 11:54:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
rum
dsum-sec.casalemedia.com/ Frame E141
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8792481988559257043
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8792481988559257043
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BN50Xod9m38m7UROPRi6q5%2Bq6VP8givk4ucTTrv3l2ejm%2Bio5t%2BCfaqoujk98rlNydXCwIfM8jlVzLPNFL8%2BzP%2B7GhMsqNkvWkxzljP977LRIIa3ULbdwPyyGxjqy9IuPNwqo7rL1Uchqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f771b800246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8792481988559257043
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame E141
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv1yzbGIQXQFpKceLwBAGJFmqrr%2B3OHTZCpiIE%2BZZ%2FMUaWAf%2F82l3YRafLh5y9UG89GeIeZJkHTP6MTZb%2FpQ51OJzCRw5uJYwwBgEsUOJBuh2dN%2Bw3joFfL0p4Jq4VlVmGLkXWp%2Bd75yKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f744ff00246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Mon, 20 Nov 2023 11:54:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame E141
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96999ebc24ab21fxv200lp6un036
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96999ebc24ab21fxv200lp6un036
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDegGVJl1H3gfrvfdszDSQQsEZ4PR0N5Rx0MMCt%2Fb3g6IV1Dgna6xAz%2FnF%2FcDfsJBIK1hzPq3OkuXAeJXprof3wgHHssrpu9IYj6%2F3%2Fhm8EHrtf3PwEFOhoB4QyX4t%2Fp4vCJ8Bqn7wsuqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f794e900246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96999ebc24ab21fxv200lp6un036
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame E141
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831084973692
43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831084973692
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnnxbc8W%2Fip6GMTmU%2BkJ8Eg2lhBqu3KFrAsTVo2Nfgbbuce8HoYXBiej5F4%2FD3%2Bq8uRYry8GocTCwkRua7D1UReFlZ1meryuZWUBzdLHFB7fWHAI5G7W71RymXNjrt2l5XGufzFRSNUYiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82907f744fef0246-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433831084973692
Date
Mon, 20 Nov 2023 11:54:22 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame E141 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
1703576616450435731
csync.smilewanted.com/set_partner_userid_get/smart/ Frame A4A3
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1703576616450435731
0
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1703576616450435731
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f74cefc229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Mon, 20 Nov 2023 11:54:22 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1703576616450435731
usync.js
eus.rubiconproject.com/ Frame E0AA 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59419
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:24:41 GMT
7474076783371387213
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame EB78
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7474076783371387213
0
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7474076783371387213
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f73ddbb229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7943a850-e6ef-4082-b857-30252713a93b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7474076783371387213
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame 471E 		978 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=660&ttfrms=111&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauD9%3A%5C%3F%3A%5C%3E2%5C36%3A%5CD9%3A%5CI%3A%40%3F8%5C92%40%5CBF2%3F%5CE%3A%5CK2%40%5C72%5C72%3F8%5C%60%60H6%3A%5CI%3A%3F8%5CJF%3F%5C6C%5CK9%40%3F8%5CdK92%3F8%5CBF2%3F%5CD9F2%3F8%5C%3F2%5Cb___%5D9E%3E%3DU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTauHHH%5D38b%5D4%40U42%3FFC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40Tau2TauD9%3A%5C%3F%3A%5C%3E2%5C36%3A%5CD9%3A%5CI%3A%40%3F8%5C92%40%5CBF2%3F%5CE%3A%5CK2%40%5C72%5C72%3F8%5C%60%60H6%3A%5CI%3A%3F8%5CJF%3F%5C6C%5CK9%40%3F8%5CdK92%3F8%5CBF2%3F%5CD9F2%3F8%5C%3F2%5Cb___%5D9E%3E%3D&srcurlD=0&aUrlD=0&ssl=https:&dfs=1465&ddur=508&uid=1700481262617167&jsCallback=dvCallback_1700481262617468&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4951&tgjsver=4951&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&fwc=8&fcl=860&flt=0&fec=1193&fcifrms=23&brh=3&dvp_epl=580&noc=4&nav_pltfrm=Win32&ctx=19019192&cmp=30857771&sid=6327845&plc=379386518&adsrv=1&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=682201457906.4944&ee_dp_sukv=682201457906.4944&dvp_tukv=462569215454.2467&ee_dp_tukv=462569215454.2467&dvp_tuid=1484251491696&jurtd=1433716008
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4951.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
69a384e6903eebc49dfc11d357e9bdb516d42e458c8df8a6095242726ba45d4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:22 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/19/2023 11:54:22
LP6UMWJB-1L-S8I
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 235C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP6UMWJB-1L-S8I?gdpr=0
0
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP6UMWJB-1L-S8I?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f748e86229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP6UMWJB-1L-S8I?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B2F0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128967
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
Tue, 21 Nov 2023 23:43:49 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 99F6 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2900844281158740583&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
9.gif
id5-sync.com/i/102/ Frame 99F6 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 20 Nov 2023 11:54:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
rtb-csync.smartadserver.com/redir/ Frame 99F6
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e0a6361e-61c3-4eac-aa8c-3123c77fc06c&gdpr_consent=null&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e0a6361e-61c3-4eac-aa8c-3123c77fc06c&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=e0a6361e-61c3-4eac-aa8c-3123c77fc06c&gdpr_consent=null&gdpr=0
date
Mon, 20 Nov 2023 11:54:23 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 99F6
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=49e8f2aa0ee5f7f46ea75408df45712c&gdpr=0&gdpr_consent=0
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=49e8f2aa0ee5f7f46ea75408df45712c&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=49e8f2aa0ee5f7f46ea75408df45712c&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
6
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 99F6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=l7Kbz9cGdJ1a&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=l7Kbz9cGdJ1a&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=l7Kbz9cGdJ1a&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-8s4wd
expires
-1
css
fonts.googleapis.com/ Frame 3756 		5 KB
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 11:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 11:46:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 11:54:22 GMT
Conrad_Logo_120x60.png
ct.conrad.ch/content-chb2c/affiliate/banner/logo1/ Frame 3756
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=55866900078198704438458012514008&pv=0
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
1012 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
Protocol
H2
Server
104.19.240.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 google
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
2513
cf-polished
origFmt=png, origSize=2194
content-disposition
inline; filename="Conrad_Logo_120x60.webp"
content-length
1012
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 15:01:05 GMT
server
cloudflare
etag
"892-5f4094ce178c6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82907f790cde6f02-CDG
expires
Mon, 20 Nov 2023 15:54:23 GMT

Redirect headers

Date
Mon, 20 Nov 2023 11:54:22 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
/
hal9000.redintelligence.net/scale/ Frame 3756 		25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/11287/creativesup/NativeAd_Fruehling_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
09e14c097393e01af66ae85f97662d5a245e0941f483233998f39c5024c7900d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
24889
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3756 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cba257585abb156039a5350a5c976ad49f456ae9bdc5dd358c820d95550c4e13

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:23 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10144
Vary
Accept-Encoding
Content-Type
image/png
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7474076783371387213
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7474076783371387213
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
an-x-request-uuid
315dd449-d54e-47e9-8543-309154578443
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7474076783371387213
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4ac23427-36c5-4f53-b0f5-3102736fdd19&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=6762e454-e412-4973-818b-489dcdb48b77&ssp=gumgum2&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426
  • https://usersync.gumgum.com/usersync?b=bsw&i=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=&us_privacy=
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=5e680fe4-315a-03aa-1a84-d79faada74cb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=5e680fe4-315a-03aa-1a84-d79faada74cb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 20 Nov 2023 11:54:22 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=5e680fe4-315a-03aa-1a84-d79faada74cb
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-5275d14c-ad27-51bf-53ba-7b44a41015d1$ip$85.195.240.28
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-5275d14c-ad27-51bf-53ba-7b44a41015d1$ip$85.195.240.28
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-5275d14c-ad27-51bf-53ba-7b44a41015d1$ip$85.195.240.28
Date
Mon, 20 Nov 2023 11:54:23 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-b4Jw6gtE2pf3KPIOeUVClpVPmNwZfhJ.yNXA~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-b4Jw6gtE2pf3KPIOeUVClpVPmNwZfhJ.yNXA~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 20 Nov 2023 11:54:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-b4Jw6gtE2pf3KPIOeUVClpVPmNwZfhJ.yNXA~A
content-length
0
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=3d623962-00d1-4f7b-9ffd-91061e88e62a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=3d623962-00d1-4f7b-9ffd-91061e88e62a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=3d623962-00d1-4f7b-9ffd-91061e88e62a
Date
Mon, 20 Nov 2023 11:54:23 GMT
Connection
keep-alive
X-CI-RTID
273e3e2d-5b18-44e6-900a-e9d009e78c65
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame DFD9 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4ac23427-36c5-4f53-b0f5-3102736fdd19&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_4ac23427-36c5-4f53-b0f5-3102736fdd19&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=3Cdbz4nENmYghW6LyDZs&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=3Cdbz4nENmYghW6LyDZs&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=3Cdbz4nENmYghW6LyDZs&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=8S1oQI9hAMEP&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=8S1oQI9hAMEP&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=8S1oQI9hAMEP&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-fkz8b
expires
-1
usersync
usersync.gumgum.com/ Frame DFD9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1703576616450435731
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1703576616450435731
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1703576616450435731
date
Mon, 20 Nov 2023 11:54:22 GMT
content-length
0
sync
ads.servenobid.com/ Frame DFD9 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_4ac23427-36c5-4f53-b0f5-3102736fdd19
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
e15db571-bef7-4663-8073-3076ef359599&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 9D39
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/e15db571-bef7-4663-8073-3076ef359599&partner_id=1010
0
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/e15db571-bef7-4663-8073-3076ef359599&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f77babc229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:23 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 20 Nov 2023 11:54:23 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/e15db571-bef7-4663-8073-3076ef359599&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
0c1f6902-292a-0562-3b8a-009e1c36ddff
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 49FF
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/0c1f6902-292a-0562-3b8a-009e1c36ddff
0
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/0c1f6902-292a-0562-3b8a-009e1c36ddff
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f754fc9229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:22 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Mon, 20 Nov 2023 11:54:22 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/0c1f6902-292a-0562-3b8a-009e1c36ddff
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
ap.lijit.com/ Frame A33D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 11:54:22 GMT
X-Sovrn-Pod
ad_ap3ams1
pixel
cm.g.doubleclick.net/ Frame 54F7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGw8GoxlAAPwID5PwBAZ5k8&google_cver=1&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGw8GoxlAAPwID5PwBAZ5k8&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4Aw3lVe3sAl0C-nk1ZCSKjtCTEhOmkEyhylcdJYiSelKvWi...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4Aw3lVe3sAl0C-nk1ZCSKjtCTEhOmkEyhylcdJYiSelKvWiSlwEV6JI_GH6VogrCuVhampdH&google_hm=M0NkYno0bkVObVlnaFc2THlEWnM=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmROGFasnPun4fy8ECIFmoDYQy_wWohcsS-4PM_HVtBOLnabSpyyNRzkT4SYtVuB2QInpfGrH06oMH0Z4Aw3lVe3sAl0C-nk1ZCSKjtCTEhOmkEyhylcdJYiSelKvWiSlwEV6JI_GH6VogrCuVhampdH&google_hm=M0NkYno0bkVObVlnaFc2THlEWnM=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
292
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 54F7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQQIvjSEwwtEm4QX0tCESk&google_cver=1&google_push=AXcoOmRHmzUS6nXmU4k08YLEAk_yizFoztOL4mLDot3OZ47kWrCrilgW-25SPXRvfhk2zeyMnwt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=AXcoOmRHmzUS6nXmU4k08YLEAk_yizFoztOL4mLDot3OZ47kWrCrilgW-25SPXRvfhk2zeyMnwtGb0wq5c0fepZfBPW--ti5vYPAkXl3I...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=AXcoOmRHmzUS6nXmU4k08YLEAk_yizFoztOL4mLDot3OZ47kWrCrilgW-25SPXRvfhk2zeyMnwtGb0wq5c0fepZfBPW--ti5vYPAkXl3IvByPR_Pr5vphMCFCISUtMJ9w-VdhPadN6rp7pzqSgIvstt8pRE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA2VU1XSkItMUwtUzhJ&google_push=AXcoOmRHmzUS6nXmU4k08YLEAk_yizFoztOL4mLDot3OZ47kWrCrilgW-25SPXRvfhk2zeyMnwtGb0wq5c0fepZfBPW--ti5vYPAkXl3IvByPR_Pr5vphMCFCISUtMJ9w-VdhPadN6rp7pzqSgIvstt8pRE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
us
sync.go.sonobi.com/ Frame 54F7 		0
0
pixel
cm.g.doubleclick.net/ Frame 54F7
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMLRPR5gY-dSLhp1nG3zOhk&google_cver=1&google_push=AXcoOmTx5UnQwS6OGbXaPVMq3V_D5enyXffuQM-hYrJMyAsxMfcf5mMdvrAAVbIlJxJBfsWNl4V7HFW9VPZEF3OKy...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx5UnQwS6OGbXaPVMq3V_D5enyXffuQM-hYrJMyAsxMfcf5mMdvrAAVbIlJxJBfsWNl4V7HFW9VPZEF3OKyp_1l4CQGYttEK0HqjnmO5REzqZLDNhYrvzpSl-oXsSys...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx5UnQwS6OGbXaPVMq3V_D5enyXffuQM-hYrJMyAsxMfcf5mMdvrAAVbIlJxJBfsWNl4V7HFW9VPZEF3OKyp_1l4CQGYttEK0HqjnmO5REzqZLDNhYrvzpSl-oXsSys_cgr3D2hd1f0oLBgrsDbms&google_hm=HsAqvRZHqZL_pNejT3SGL5gs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 20 Nov 2023 11:54:22 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTx5UnQwS6OGbXaPVMq3V_D5enyXffuQM-hYrJMyAsxMfcf5mMdvrAAVbIlJxJBfsWNl4V7HFW9VPZEF3OKyp_1l4CQGYttEK0HqjnmO5REzqZLDNhYrvzpSl-oXsSys_cgr3D2hd1f0oLBgrsDbms&google_hm=HsAqvRZHqZL_pNejT3SGL5gs
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 54F7
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENVuBgfAd9HF3s2Zpo1dvTY&google_cver=1&google_push=AXcoOmRAZmRtJAJ6Zrjo5mMOZ8Y3Hyx6qM79XzRo0PfkpnYWAZJSKbFAenLac3D4bkFQBO6CqgKMGRfP5LqKnlEGet992tf75Os...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRAZmRtJAJ6Zrjo5mMOZ8Y3Hyx6qM79XzRo0PfkpnYWAZJSKbFAenLac3D4bkFQBO6CqgKMGRfP5LqKnlEGet992tf75Os99eFtI-xrzLO9dIsjQXme2EQE_zh-UBU...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRAZmRtJAJ6Zrjo5mMOZ8Y3Hyx6qM79XzRo0PfkpnYWAZJSKbFAenLac3D4bkFQBO6CqgKMGRfP5LqKnlEGet992tf75Os99eFtI-xrzLO9dIsjQXme2EQE_zh-UBUhT9Yw6rP9G9a4yLt3KeGKMRVo&google_hm=M0ZIWVBycldXT3JlMms0UVp5OVo=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRAZmRtJAJ6Zrjo5mMOZ8Y3Hyx6qM79XzRo0PfkpnYWAZJSKbFAenLac3D4bkFQBO6CqgKMGRfP5LqKnlEGet992tf75Os99eFtI-xrzLO9dIsjQXme2EQE_zh-UBUhT9Yw6rP9G9a4yLt3KeGKMRVo&google_hm=M0ZIWVBycldXT3JlMms0UVp5OVo=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 54F7
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEClPjxzFl3UVpCtlGijNoFY&google_cver=1&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1CUtc5KaeI4VOb12yD_4fWSRfkLru05xyayGokxn-xGU...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1CUtc5KaeI4VOb12yD_4fWSRfkLru05xyayGokxn-xGU4...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEzMjI0NTg4ODI5ODA1MTQ0MDIxMQ%3D%3D&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1C...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEzMjI0NTg4ODI5ODA1MTQ0MDIxMQ%3D%3D&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1CUtc5KaeI4VOb12yD_4fWSRfkLru05xyayGokxn-xGU4dBy9mc5qyU7bcyLT_Y3AvKR50kG1OkcFENQqfc7rEvtq7UHeJBA7brQ48
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEzMjI0NTg4ODI5ODA1MTQ0MDIxMQ%3D%3D&google_push=AXcoOmSyZlpQfIc88F_gTFTkR_sf-uvPQ_W5ve-l8i_HC7xGQAgEXu1CUtc5KaeI4VOb12yD_4fWSRfkLru05xyayGokxn-xGU4dBy9mc5qyU7bcyLT_Y3AvKR50kG1OkcFENQqfc7rEvtq7UHeJBA7brQ48
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 54F7
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDtIheIhcxRWk7CfTEvJb2o&google_cver=1&google_push=AXcoOmR7LNHsO7u2WEw1oLAXfFE15Jl3A26msNtXH-jGZNO_jlWLvaZEg1KL5ZCrVOps1qxidECh4SbfAmqnHmvgK1T4P63Xn...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&mn_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR7LNHsO7u2WEw1oLAXfFE15Jl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&mn_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR7LNHsO7u2WEw1oLAXfFE15Jl3A26msNtXH-jGZNO_jlWLvaZEg1KL5ZCrVOps1qxidECh4SbfAmqnHmvgK1T4P63Xnb3GAhtr-lWPib5pVScoMCm82iKNwpwBelO_a3hig397_3D65ZRf41TcTaMa&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&mn_hm=MzQzNDgyODYyMDQzNDgyNzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR7LNHsO7u2WEw1oLAXfFE15Jl3A26msNtXH-jGZNO_jlWLvaZEg1KL5ZCrVOps1qxidECh4SbfAmqnHmvgK1T4P63Xnb3GAhtr-lWPib5pVScoMCm82iKNwpwBelO_a3hig397_3D65ZRf41TcTaMa&gdpr=&gdpr_consent=
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 20 Nov 2023 11:54:22 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 54F7 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnSZ5wA5hlsHLEtX3phAQv0Fc80nzyk-Lb_VOsnpIdDYgHU1vBEmBACu1GisB7ePHWfy59
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4117521118395718454
csync.smilewanted.com/set_partner_userid_get/adform/ Frame A080
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4117521118395718454
0
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/4117521118395718454
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f77baba229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:23 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 20 Nov 2023 11:54:23 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/4117521118395718454
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame 48C6 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84453478&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f69d43dc78521b99af5688cd3074a0412de049ece8993971b02092dbbf8604f9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs-rtb.minutemedia-prebid.com/ Frame 64D5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-67.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
btQ3p1TeGIS1ArdK-r_Ll0-SAP70OmW2-yOB46N7i3Vv2YtwY65UKA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
date
Mon, 20 Nov 2023 11:54:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 64D5
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=49e8f2aa0ee5f7f46ea75408df45712c
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=49e8f2aa0ee5f7f46ea75408df45712c
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-67.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
Wk3xOpNYk2woCceskH1gVT-Y_dKuJDdzc3wiuRadT-8dZs8VouAzug==

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=49e8f2aa0ee5f7f46ea75408df45712c
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 64D5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVtI7K260X9zfc-X-dAvRwAA%262205
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVtI7K260X9zfc-X-dAvRwAA%262205
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-67.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
sONaj8-wwX8RDTDRRSrdGALEn927cpjsgOZqjiLnPyWYVAzHoINnSA==

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b82LKMc6mDRzmkJu2I4qfqKhC%2FttZ%2BU5h54ojQ6P3q0nXyi%2FmbSbUPLPTXFEVKIHdWd5KXWeoNgSVDlTm3YIC0F4ll%2FSuksHzJCzGSAqASezTVdVOTsp%2FRoWkoqqklYODW001eF6CA7M4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVtI7K260X9zfc-X-dAvRwAA%262205
cache-control
no-cache
cf-ray
82907f764a740246-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 64D5
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=300c4990-66dd-04a8-0567-de852289ff68
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=300c4990-66dd-04a8-0567-de852289ff68
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-67.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
E1Iq8oUnXBm6iVO_JA_VDAhkXuxqwMutSqUZG79qoYsKz4uBlwxkKw==

Redirect headers

date
Mon, 20 Nov 2023 11:54:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=300c4990-66dd-04a8-0567-de852289ff68
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 64D5
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-67.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
LkR0G7RE9sUuJx1nOKq_677fU2twutVbpeXIxDJPZdsIUWZVkI1AKw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
pixel
ap.lijit.com/ Frame 64D5 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Nov 2023 11:54:23 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 64D5
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3132245888298051440211
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3132245888298051440211
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
18.66.112.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-67.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
5oNuj7n-_Qt5OWFwMqGB1KWb6H-_dJsLAi1kYiIvGViI6tb1yCHnHA==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=3132245888298051440211
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ads.servenobid.com/ Frame 64D5 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=cjH5MJzzCp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
khaos.json
token.rubiconproject.com/ Frame E0AA 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP6UMWJB-1L-S8I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
usersync
rtb.gumgum.com/ Frame 7116
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=4117521118395718454&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=4117521118395718454&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.158.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=4117521118395718454&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame C5E2 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YWMyMzQyNy0zNmM1LTRmNTMtYjBmNS0zMTAyNzM2ZmRkMTk=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AC8F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=128966
content-encoding
gzip
content-length
5622
content-type
text/html
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Tue, 21 Nov 2023 23:43:49 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 1F0D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f77eb0c229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:23 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 11:54:23 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame C1EF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM?pi=smilewanted&tc=1
0
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f787bbe229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:23 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 20 Nov 2023 11:54:23 GMT Mon, 20 Nov 2023 11:54:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM?pi=smilewanted&tc=1
pragma
no-cache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3794 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzAb47EhbZbOLLJ2XjuwPgqaUmAoAAAAAOAHgBAI&bg=!0dKl0p3NAAZxrfrxUa07ADQBe5WfOPvrCH9mizhPr5h9kx52juGMFFr0zVHN7v-z17dHRpSG3vboFS3geGw_ojrJgb6_AgAAAttSAAAAC2gBB5kC6xL4w7EhyXwmo-TgKiVcDy-lIMxGuXrAXwGHa1bo7b2hnQG_X23n1gJRWR_rQb1bBStr_1CGlASGL5LjfRSOm6Qy37ZdmVg6PxhZsVqp29Eai7Sx5TL97OODzRIpAYjfjD9WAOlhvEsIQQf7nPUWhGPEBGbqZT3nYpPvadbhH9KT_yPmURbRsG6YJbRf4TVHinROMR6Kn5fJdBEHcCr9C-9QuuFRvzMRMxvSi-d-FUK0dzlqqRedntjDx71oO1vJjFKKgufcoSr0yD9iNTPnFR6KOvY-Z4o8r-T1ogQeC0umAaSgASgXryBKQ-8x-GpoVxDb-bUgvOrKlugQWlkOW70eRF_YUfPyMuPXau7s8NwYp1GtlsVlLFFNqDqm7S0MsmZU05IVeVkqXi0JeffmfgmAudxz9qagc8Sxg2bP4OB1Pkz0R7wuz5wtBqgTI2YXNHYrFIBPet23oaDBQaGeisQpqhv-aerWNXTNJZddWAYLgCCa_IAlVLhFg394ZA0UEptrXxSEhwC6VPUOCA7uDj4AsxItVOOP16Vtd6LR2ga6BCdQ1O_-GkcO60SKkBMHSIpdBjzA9g5XBMBNX3QrZrj9AZ-XL8x7ahuwgGd8BQun8vaH0VoiX-wawl--UzL76mUKYhdy4JosmC5UrEW732Fp7ebp3GC7nG-UrEW_3gOc-wIJCRgtUULfVgtCYhQXpdUtmZQSUc-CbCLjzjRJT7urJ9xufFUP_S4QoxHcLQDyLuqa1Pmb1jdgkOr9Fwo_RltD7A7b3wSODiW-mAp2IOm0L0OJsWrgJ3siVfzkCymMJizmoAEOndE0vuNlYWtTF9c6jEAafZQ1qXncUnWaFtQd1uy4EKHP7xqrcXvn27al98QvHLYr3e3eI5JTgacqwKDBfg7ifBQ72toWe9V6OK23uvyXj7E2upubuyIfgK05d-vWK8IH7WHxV_F2_tPDClake3xOpMA56C7VDq5xEt2jUhgzJIQu1KBu2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700481259&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700481258931&bpp=335&bdt=1142&idt=893&shv=r20231109&mjsv=m202311150101&ptt=5&saldr=sd&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=107145508175&frm=23&ife=1&pv=2&ga_vid=861161258.1700481257&ga_sid=1700481260&ga_hid=1611875559&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1718&biw=1600&bih=1200&isw=336&ish=280&ifk=1385638549&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C42532524%2C44795921%2C44809317%2C31078297%2C31079757%2C44807749%2C44807763%2C44808149%2C44808285%2C44809054%2C31079757&oid=2&pvsid=3724342431652275&tmod=731767895&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4lfycdhy4v2h&btvi=1&fsb=1&dtd=923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.yellowblue.io/ Frame B569
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
108.129.5.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-5-53.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=28971733828fdc2105d35b02078b7c9&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700481263004026-416
v1
match.sharethrough.com/universal/ Frame B569 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.51.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-51-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cs
cs-server-s2s.yellowblue.io/ Frame B569
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.116.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-116-77.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E
date
Mon, 20 Nov 2023 11:54:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame B569 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=-zT8MJ--kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 3BF0 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:23 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 7171
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVtI8MCo8XsAAATsBpAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVtI8MCo8XsAAATsBpAAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 20 Nov 2023 11:54:24 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVtI8MCo8XsAAATsBpAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad47.dc4p.scaleout.jp
X-SO-IP
85.195.240.28
X-SO-Key
ZVtI8MCo8XsAAATsBpAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"85.195.240.28","key":"ZVtI8MCo8XsAAATsBpAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad47"}
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad47
usersync
usersync.gumgum.com/ Frame B82B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:23 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 20 Nov 2023 11:54:23 GMT Mon, 20 Nov 2023 11:54:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=wWw_wJL4QR1GTnGjuCxp3xZ2mdhPvA02HD-zz8nIaqM&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame EF6F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 11:54:23 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 20 Nov 2023 11:54:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
viewability
hal90008.redintelligence.net/ Frame 3756 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=55866900078198704438458012514008&a=53d11818&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=55866900078198704438458012514008&a=9df64119
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:23 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sync
ads.servenobid.com/ Frame E0AA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP6UMWJB-1L-S8I
  • https://ads.servenobid.com/sync?pid=323&uid=LP6UMWJB-1L-S8I
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LP6UMWJB-1L-S8I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LP6UMWJB-1L-S8I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
8af8243fa20b5ff0f23d2c27c3b4b028
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
async_usersync
ib.adnxs.com/ Frame 0794 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
an-x-request-uuid
288c0c1b-3f58-4357-863d-7834b5bcc2a9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 36F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3441359473568310&bg=!i4iliMfNAAZxrfrxUa07ADQBe5WfOM244ptHWkKrhcYkNQTDUvqmbpeXH9pGprf1FSXF7gLkgsUiDgC0cVIzPEr8yBArAgAAAxtSAAAAjWgBB5kCxHdHZUDfFE38qFaQrLwghvZX-6Ja4ja3L-ZXi_LO8gANaVm6sK1fff7ZVPRcDSGTVUGH7ByoSEUYy2bXOK0lj7pa-RxdrKifYhg2fcrP48al1LAcg_dm-UhnWwX8wzxpLh36ymJpXU0dC6rCwCgOZ5oLH28ojyu6KqZ-oZcKazCY_ZHdeNbUGuR9CMpCxBH1wztWNNCC8s2TxIDqhwaByXXHIfPB2tq_tvbA2wxqvu3_pyPml1ZxODnyu4_Fp4tX2bdYkslweodnV7QECDvjWMN3Pt2DZ57ekkuMPw6FPTWmLBs8AY49DheCu6CpqRGBIfWGsCgWiXw53B8rvlL2S2cKlVaW6giXZ9ONNSrO8_I69SSW03uMAR46WFup-PHkmJsPqN3qw2uALhQ1cvE-mST2sjKo6e_kL89v5O-XJ4AyZmRqx54Ess33RaP4dYEUqWXAyhiBaEYFug2kTIBOl8UwQ37eIDlh2icqAwpWIYF2eQ2WK8y4rgv4Af6H4R80B02pKmEU3-Uyt0LunnB_LKYG4SzjIhShvWBGITcMPjsEUfw37AdhyYOjteS9p9tVEKI111_lES5MjoHAWnXnkUsVx-jCYyBX73BASmojH3UC61ESbztIEcUg7a3Zwcc9fr-pyN-yWqu1IqSdMs_o9zarNZ__WRAjVCJCGl5ja-UsHOmmcT7Ct6eQkdTvPjOiY7e1zdEDwIuQ_GnJr8Iy_l2fGQEDiL-Xp6cbnKwFhStaBSq2VhRdPu4xt7trhsuexQKbeMZbVyoseQkyFFWn0fSk_N8RrIKW680DUFFEr_srS9utkJ68J1btMajvBUbgoOi14a6iVDZT36v2wL8EodBCVN66SFrIn0NUBtmPm_QmQKh4rqy1SsSfPLvFjCHrGH62eQJjfKrdR9UBB3gHL_NC3MWnz5XV2-dhC_gKxpdyWJwLLg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3756 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:50:19 GMT
x-content-type-options
nosniff
age
227044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 20:50:19 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3756 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:02:57 GMT
x-content-type-options
nosniff
age
269486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 09:02:57 GMT
track
t2.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-2&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&gid=1103584&studio_cid=bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1700481260779&cid=1166310&pid=169092&p=6_0IUNiQjpKg2hv9NPNKqJyDSuhVLgA8JO4LhE4RaIVATr4LBFuQF4yA5QalkUyrAXtjtgmcxQ0peSEMPWCaAZOgo7qyNmu9rBC-TbJ7escLfMIvZUxmq_EpYxw9n8u-TQFQy0C3V6vuBKk6Lm4GXudcRdaI-0ocLZo0s2xPTFQCKGqbUgKHEZE-iHHn8DrP8II2WLNCFhMvfI0WEVxo_27Y1KOwjT862lhga7iNJZjTaPb55Jq-2LIwEHQ7RvXg39_cJDYcC-Q_dCFO8pleVdt5wnsg9nvTIgmD-HLZgW-Z2oDazumcaJhWbgK2L6_rJ9oNUoCSCc1X0ZP1_slrartmgquZkQ8hHVL2ffvVxHf4GgTvKr5zFZP2zsdwIgaCing&cs=787141928113621585505&slot=native&fv=1289&ts=1700481263243&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame EF6F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 04:24:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59418
Connection
keep-alive
Content-Length
13229
Expires
Tue, 21 Nov 2023 04:24:41 GMT
img
sync.mathtag.com/sync/ Frame 687D 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x15 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:23 GMT
Expires
Mon, 20 Nov 2023 11:54:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x15 config_version:"1369"
Pug
simage2.pubmatic.com/AdServer/ Frame 9E86
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:22 GMT
expires
Mon, 20 Nov 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
733214
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7F51 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4183471A-AE64-47F0-9BED-A2E4BE6A654E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4GPVY7E88H19QBPCSSR7
Pug
image2.pubmatic.com/AdServer/ Frame EA2F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 849F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7474076783371387213&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7474076783371387213&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
79ddea6e-a036-417c-8e59-54e5d7a81d42
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7474076783371387213&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
85.195.240.28; 85.195.240.28; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7990
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303511412063664278&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303511412063664278&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 20 Nov 2023 11:54:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7303511412063664278&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 494F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UnXRTK0nUb9TuntEpBAV0VXD8Bw&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UnXRTK0nUb9TuntEpBAV0VXD8Bw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 11:54:23 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=UnXRTK0nUb9TuntEpBAV0VXD8Bw&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 60B7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=73ace345-1c47-4cb4-b6b4-120dbea4e5a8&ssp=pubmatic&expires=30&user_group=5&bsw_param=b9472c9d-d39c-4b72-aa46-b46d4f527426
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 20 Nov 2023 11:54:23 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b9472c9d-d39c-4b72-aa46-b46d4f527426&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
image2.pubmatic.com/AdServer/ Frame 41FD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEYVMwN0t0cElBQUJROHpMbXE4QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADaS07KtpIAABQ8zLmq8A&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1703576616450435731&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADaS07KtpIAABQ8zLmq8A&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1703576616450435731%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1703576616450435731&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADaS07...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADaS07KtpIAABQ8zLmq8A&gdpr=0&gdpr_consent=
42 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADaS07KtpIAABQ8zLmq8A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 20 Nov 2023 11:54:24 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADaS07KtpIAABQ8zLmq8A&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame AC98
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU46c4162635e74bf0accfc7489ba82f87
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU46c4162635e74bf0accfc7489ba82f87
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU46c4162635e74bf0accfc7489ba82f87
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 9FA0
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 20 Nov 2023 11:54:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 3743
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVtI7wABCfk8agBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-vie6350-VIE
x-timer
S1700481264.871653,VS0,VE106

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 20 Nov 2023 11:54:23 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVtI7wABCfk8agBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-vie6350-VIE
x-timer
S1700481264.710610,VS0,VE105
Pug
simage2.pubmatic.com/AdServer/ Frame 35FF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Mon, 20 Nov 2023 11:54:23 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame 9A28 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
cm
ipac.ctnsnet.com/int/ Frame 7DB2 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 39E5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6979124475729010895
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6979124475729010895
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6979124475729010895
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 436D
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831084973692
42 B
292 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831084973692
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 20 Nov 2023 11:54:23 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433831084973692
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame A2B0 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:23 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-15174b2c3605@version_1.576
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame A4E0 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame C995 		0
0
sync
ads.servenobid.com/ Frame 6CA5 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 11:54:23 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QYNHGq5kR_Cb7aLkvmplTg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=128966
accept-ranges
bytes
content-length
5622
expires
Tue, 21 Nov 2023 23:43:49 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 48C6
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.215.24.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-24-0.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.122
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.24.222
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 48C6
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1378167832
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1378167832
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 11:54:23 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
via
1.1 google
last-modified
Mon, 20 Nov 2023 11:54:23 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1378167832
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 48C6
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWYyZXdwNGhjcmFSS0NaZlhCeGtLNEtEUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4117521118395718454&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
54.170.171.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-171-251.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 11:54:24 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 20 Nov 2023 11:54:24 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKM539-nEtZRjAXRY3UskM&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKM539-nEtZRjAXRY3UskM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHKM539-nEtZRjAXRY3UskM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238
42 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 20 Nov 2023 11:54:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 19 Nov 2023 11:54:23 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4117521118395718454
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4117521118395718454
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4117521118395718454
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 48C6 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-U0rDybFE2uXoSDSzq3azJk0z_bcZ6is-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-U0rDybFE2uXoSDSzq3azJk0z_bcZ6is-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-U0rDybFE2uXoSDSzq3azJk0z_bcZ6is-~A&gdpr=0
date
Mon, 20 Nov 2023 11:54:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
4183471A-AE64-47F0-9BED-A2E4BE6A654E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 48C6 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4183471A-AE64-47F0-9BED-A2E4BE6A654E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.107.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-107-139.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
image2.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b35772a-07a0-48b1-a6ad-b17e27b836f3-655b48ef-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b35772a-07a0-48b1-a6ad-b17e27b836f3-655b48ef-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b35772a-07a0-48b1-a6ad-b17e27b836f3-655b48ef-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1fc6b934b7bf1848&is_secure=true&networkId=17100&version=1&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItEm7Y8jAUQNrKplkAAAAAAA&expiration=1700567664&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItEm7Y8jAUQNrKplkAAAAAAA&expiration=1700567664&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:24 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAItEm7Y8jAUQNrKplkAAAAAAA&expiration=1700567664&nuid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8792481988559257043&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8792481988559257043&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8792481988559257043&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 20 Nov 2023 11:54:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 48C6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d80d9c84-e311-4d24-bf5e-5fa7f88f02dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d80d9c84-e311-4d24-bf5e-5fa7f88f02dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d80d9c84-e311-4d24-bf5e-5fa7f88f02dd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 20 Nov 2023 11:54:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
khaos.json
token.rubiconproject.com/ Frame EF6F 		7 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP6UMWJB-1L-S8I
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
321 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
f2ea477de89ee089aefe0a573aa0bd01
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame 0BA7 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&vpa=auto&vpmute=0&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=E8009EAB-1D4D-4C3C-BF20-613B9650F791&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&dlt=1700481256067&idt=5288&dt=1700481263537&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=3320778537007076&scor=377821254127838&ged=ve4_td8_tt2_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2B4B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
7a9f5bfe6d4ce01ab306a411e888b9506642a1140df9aa1f6745a5b26ef47195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12230
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame EF6F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP6UMWJB-1L-S8I
  • https://usersync.gumgum.com/usersync?b=mag&i=LP6UMWJB-1L-S8I
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LP6UMWJB-1L-S8I
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:23 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LP6UMWJB-1L-S8I
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
334 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-661
cdn-cachedat
10/31/2023 19:00:04
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
57266a6c9eec697479fe4cd78591a0f5
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2B4B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 20 Nov 2023 11:54:23 GMT
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-664
cdn-cachedat
10/31/2023 18:58:48
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d5705aaeeb3b9b875c3d7d269a8a403f
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD4F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:24:00 GMT
expires
Tue, 19 Nov 2024 11:24:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 18A7 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
7c0d02ed62f1e8c29f87bee49066c4bd25f0caea2e4e3abf05c3f6b940725a38
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3fYgVrgSReFAxk2bTcLIOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3fYgVrgSReFAxk2bTcLIOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 20 Nov 2023 11:54:23 GMT
expires
Mon, 20 Nov 2023 11:54:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:23 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
5bf3b1ed0759cabca17682282e61f9ee
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame 18A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3724342431652275&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame CD4F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
9351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 09:18:33 GMT
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:58:42
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
18e68d481463152a587d1bcdb495e945
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
track
t2.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-3&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&gid=1103584&studio_cid=bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1700481260779&cid=1166310&pid=169092&p=2tD7i3KcC85r72cAmJ52brDBZCt-cGSPVtlv45d8gpCKJQrW1RIeXcgv8jdHqFzNC8wgitTo6HUVmbpEozjV5MRmunx8Wtf2j-zxZqrrfDWVUzJRK_S_U-wY0zYpiwO3JgN2odV7c21pqd0cBoEn8hnsK30vtqyndXhqx8KpZVdruOrvHLHF4iB9IvSi9b3h-X1WqKXvoJjn33CnuKuHj4N8P8YSjrSz1ju-sPX1Pxw4RQodLeUPPYX5IpFaYuWYdbIdFvg6mi_BR6GSzBklFHhvIp6NQ0SRJJLuPrbDUel1vExpIRUp1oJ6Qgs7Hh_ud0vwRdBfCPvNFNGB7dJkR3ZcZa_cVOmpgw9YFrqA66FtexOnqNbK3rn9-P5PoRI__kU&cs=478296227734545031505&slot=native&fv=1289&ts=1700481264239&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-165
cdn-cachedat
10/31/2023 18:51:10
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
04b64c21d1e3aeb75cd885068f87ddcc
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
generate_204
tpc.googlesyndication.com/ Frame CD4F 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6SGT_Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 0BA7 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp6umyn2&c=107145508175&slotId=53572754087.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:24 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14C2 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9587644156792&version=m202309260101&ct=77&x=1&cor=6533425844348239000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1700481264747&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=148380820&pt=557830503&tz=60&viewable=true&ddast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
995db8bd8b5b94fff564161ad51dd4733b70d72d2bb2e8dfd931ecbcf5052c67

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:24 GMT
content-encoding
gzip
server
nginx
machineid
1464
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2B4B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3724342431652275&bg=!xsWlxYrNAAZxrfrxUa07ADQBe5WfOOdczeTZQS7NWwZIdCz9xOyHEWFU6PAjLJsm-Y6rpzyBUpqNWEVoUReB3rN8Z-WPAgAAAUlSAAAAA2gBBwoAq7Mcu89t4nHb3w0__TIqL-fyFRgYB2VEm2eUV1mtj9S-ZXT7hy0A6p0Pr1I5p6U-t1iS3qnojRUSQPp_TvGwxM79tiI2l6vPO7wSbk6R_VH2wdDqEpf9V6Z39bc882bAx07WvvPqhxdFxaWMGKFcmDsVTUHOy00ZT7wPwqHjvW4RGr-5KrO1-AFCaDKVOhP0G2ty071uB0pPtKW0dUfJBt5_hj168cUKOAyeoJkCw7cck9HqSduOWaWSJOs-PVknYW-UITm6VdpeQUq9udgOKOTWSsKnZC-wSQ28daYnvt7ofSiSapdduZd49jYM9WDLYCmxVAaj5pdP3qimDMMyaEeSCLiGi4hkQQ5tC2nha52biHN4BtCpwatocz_yzQ2oHuUn0hn7xCHphybZ5lQQb-ThnzoiyBSs4Rey1B9oyE19obM0M96msX877MbOjzuinh3iZM-MqOpg2CjccWAhCG6wolLAa4ks8gt4Q5AF-vS7_VVPhnfRpy9n57HeDamaXKxjz8PAjgx9Npy2XaZTQ_3XO6soecY5jkdxSH8J6YuE5rrDlf25gfwL9A4N3Qc-cGWENXhTeXSCLm4sT6UMV24IilsRWQDtA4CeeoIPUDPQxOoTiMKapMYtIQTKMbo9k2jEy1jUEVFEsWnVoO17ccU1D_HXO6oHEzJfUwrbL6NJXHgFz4LhnoY-01MoGcR1RhztWiAfPqdokdl3c7FamdQThndWGb3YF1hFEaLPrttIFr7Dlf3rGaNmhkc9BphFyPq3ao75o-QbTR5pKr31kGFKDdMp_JHr0XUDHpDa17wG06DfI5oAgz_wvRPEJYNG0yXzgiVPKLV6jdkEaDgsvybq0wwE40awRf4rvstIOcTc_c8_dC4rcQ3u6WT25O-Gnm0_d7FMA9uou4Q35X5vl7QMDmfovcJ0c3Htl8p7ogq7VSKXhP_9uR82Scb3NQ5ZPRkGxwjgq6D_pWFUo44JTKAKo93fCBmNrZjQVKSRgsuPzMz_KWOG6iVbtvSoxvjTCZDUjIyua7NcC9TELBGFAs0OQjh2vOKhCO6hKTaJ1_eZMQ_Z8GXIJ1tjCcMx2almVRn5JU35aYPN7j0Xy9syJXZMIaEbVB66Ee1IS7RgVD8VORm2iVJBNlcISnQeRLTlbSPs1xVXeNg5LC-snwF36fYk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700481256110&gcd=11l1l1l1l1&dma=0&cid=861161258.1700481257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700481259&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&dt=%E6%98%AF%E4%BD%A0%E5%97%8E%EF%BC%9F%E5%8C%97%E5%B8%82%E7%86%8A%E5%A5%BD%E5%88%B8%E6%8F%90%E6%97%A9%E7%99%BC%E6%94%BE%E3%80%8011%E4%BD%8D%E5%B9%B8%E9%81%8B%E5%85%92%E4%B8%AD5%E5%BC%B5%E5%88%B8%E7%88%BD%E6%8B%BF3000%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=9&tfd=11278
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=12019&tvi50=11108&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231119-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
83
date
Mon, 20 Nov 2023 11:54:25 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
80344
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-vie6362-VIE
pragma
no-cache
server
nginx
x-timer
S1700481265.085647,VS0,VE83
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
track
t2.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-4&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&gid=1103584&studio_cid=bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1700481260779&cid=1166310&pid=169092&p=enxYxHfmK93W3iMP2qn6nwOmOQ4Fzqd-h8_4A1DME8NHhNj98OIMna-g62mmH7awtQJbX39Kv5S4cHxO8MmjQ89s4kz2tf4m3fwa_i0qb4Dyj7MZyNaD8TtalVEWmfz-bebAaiC1KOwrh6ZbYotvZt4GWZk_p6jaJZStgeBE8qtkBFx_mtWNWRQtK8mn2U-ve_lcxJwFxBo93tY2PV_BMh7RauELLgtWT_vthk3et5v2VI71he_90Pep3CUs51Jk5Yf0YT50WelQzRc-WB2gEhk5GokzlQlvuismeaYpeRAd2MpBCpGpqvpz2xqqs0RU7oKztWrnIypPfFzASKOcY6MbPOgabE-Z2MzWlbYo9sVgnK4ibPOqVEJ2QcyiuxOvNR4&cs=-97298002221357763805&slot=native&fv=1289&ts=1700481265190&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame 0BA7 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&vpa=auto&vpmute=0&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=E8009EAB-1D4D-4C3C-BF20-613B9650F791&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&dlt=1700481256067&idt=5288&dt=1700481265256&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=75685402869935&scor=547169297766792&ged=ve4_td9_tt3_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 48C6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		339 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:25 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:59:54
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
3f7f4965761d977ca5b7c7bdd12ff32c
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
PugMaster
image6.pubmatic.com/AdServer/ Frame B2F0 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52965217&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a4d2b272fca23306717f19b5e765340c841ba8e37757a4281cdf4bad513a411b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Nov 2023 11:54:24 GMT
content-length
1476
content-type
text/html; charset=UTF-8
csi
csi.gstatic.com/ Frame 0BA7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp6un15l&c=107145508175&slotId=53572754087.5&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 48C6 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97365538&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a4d2b272fca23306717f19b5e765340c841ba8e37757a4281cdf4bad513a411b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Nov 2023 11:54:26 GMT
content-length
1476
content-type
text/html; charset=UTF-8
event.png
tpsc-ew1.doubleverify.com/ Frame 471E 		0
291 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=6bad184430f34d289bffabe51576668a&flavor=0&gdpr=&gdpr_consent=&pltm=1&ee_dp_asmm=1&vdur=295&eoid=18&te_exec=4&msrjs=4951&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=508&tetms=29&msltms=436&vltms=295&sei=292&vetms=123&tuviims=773&tuviems=1191&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=904&msrcannum=3&ee_dp_tmads=2633&ismms=217&isumms=216&nvr=6&isgmmims=217&isgmv4mims=217&elmtp=1&isbxdms=3023&b11=3057&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3057&sftb=3057&msrdp=0&naral=640&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=1122&isuiabvms=1122&isgmpims=216&isgmv4dpims=1122&ispmxpms=1122&engalms=214&dvp_hdnAd=0&dvp_dpr=1&vstsz=908&ee_dp_cvcmeeid=1&metp=2&meeid=1&iscvmvms=3023&ttfurm=3533
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4951.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Pragma
no-cache
Date
Mon, 20 Nov 2023 11:54:26 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-11-19T11:54:26
match
c1.adform.net/serving/cookie/ Frame C75F 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 0886
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82907f8d5b3c6f54-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82907f8c197b6f54-CDG
content-type
text/html
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1850
Pug
image2.pubmatic.com/AdServer/ Frame 6222
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d2a4031059ec0e3e6fe317187fe9f6e0&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JabSgUXhahYTMaXgT&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JabSgUXhahYTMaXgT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JabSgUXhahYTMaXgT&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 420B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 20 Nov 2023 11:54:26 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame FED6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
Sun, 19 Nov 2023 11:54:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame B8C9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7763854331
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7763854331
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:26 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 20 Nov 2023 11:54:26 GMT
etag
RXf6121b9c7255429eba893ba03e08ed8e003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7763854331
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
4183471A-AE64-47F0-9BED-A2E4BE6A654E
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 235F 		0
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82907f898a08229c-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 11:54:26 GMT
server
cloudflare
vary
Accept-Encoding
mw
mwzeom.zeotap.com/ Frame B2F0 		95 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
82907f8c2be47025-CDG
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame B2F0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:28 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:28 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
52799
stags.bluekai.com/site/ Frame B2F0
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0753012b7cfe28d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=d2a4031059ec0e3e6fe317187fe9f6e0&gdpr=0
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=66a9c5df6a2cdba4
62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/52799?id=66a9c5df6a2cdba4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 20 Nov 2023 11:54:26 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=66a9c5df6a2cdba4
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame AC8F 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81151598&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 20 Nov 2023 11:54:26 GMT
content-length
47
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 48C6 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
82907f8c2be97025-CDG
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 48C6
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:28 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:28 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=4183471A-AE64-47F0-9BED-A2E4BE6A654E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 48C6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:26 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
match
c1.adform.net/serving/cookie/ Frame 99D3 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4183471A-AE64-47F0-9BED-A2E4BE6A654E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 369A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82907f8d5b366f54-CDG
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82907f8c197d6f54-CDG
content-type
text/html
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
249
Pug
image2.pubmatic.com/AdServer/ Frame 4A4B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=377519b45e729d37/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=d2a4031059ec0e3e6fe317187fe9f6e0&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTTVbRhWVnTXRQYT&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTTVbRhWVnTXRQYT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 20 Nov 2023 11:54:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYTTVbRhWVnTXRQYT&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 4728 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 20 Nov 2023 11:54:26 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 0341
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 20 Nov 2023 11:54:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 20 Nov 2023 11:54:26 GMT
expires
Sun, 19 Nov 2023 11:54:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A379DE2D888F489CB298C763DF3EA238&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 25BA
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7028293210
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7028293210
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Mon, 20 Nov 2023 11:54:26 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 20 Nov 2023 11:54:26 GMT
etag
RXf6121b9c7255429eba893ba03e08ed8e003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7028293210
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame 9A76 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.113.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-113-40.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 20 Nov 2023 11:54:26 GMT
track
t2.teads.tv/ Frame 15E6 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.teads.tv/track?action=visible-5&vid=8adde49d-de5a-4b5d-a829-faebc86d335c&gid=1103584&studio_cid=bf4a5930-6f58-11ee-bc2b-9bbfb2e00e79&piv=100&ut=1&hb_provider=prebid&psid=415253&auctid=c9f24334-ebc2-4284-83d7-75d11f8708ac_4e1ab388-1e94-4ca3-bd0a-85357d24acb7&pscid=20204&scid=7024&pfid=68&sid=174681&env=js-web&hb_ad_unit_code=STICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae&cts=1700481260779&cid=1166310&pid=169092&p=PaYuINHh3AoBS6Mg9CqvgfQ3LPzD3MLaMdzY5umsn3OvtNHRbUrB-8WbvykG1bDZbCKwj8cbz-jRswSn2sGeaScMdJ9OF-MNSlcU1EEFXRrOeZ-3VtAkUkmhI_wH02ykQX-KCZ_thInMfaPBI97t-MGkz2vD5GicmNcSU5wAVt-JB8f-AicPmjTpKCVxcqEwi81dn2__MSC99bJhK44CdxIZV6LDKfMkHGdehdPGsWYXA47Lgk5YP2Az-Lal3YycjjHHntd6MnRIhvx83ILRBivO1bIxkOaejfVjCl8_131dLCCqfRRPzyHJSOg1YIQOWqnyLOpHgqZAXPaiM2Nei4cOz4WaSPR6QL9nI7JACKheC9_TDQitjh8N8XAWt0JagVY&cs=-822377108589954922305&slot=native&fv=1289&ts=1700481266217&plft=flv&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 20 Nov 2023 11:54:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
usersync
usersync.gumgum.com/ Frame CEA7 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:26 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame 1B7B 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=4183471A-AE64-47F0-9BED-A2E4BE6A654E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 20 Nov 2023 11:54:26 GMT
Expires
0
Pragma
no-cache
ads
pubads.g.doubleclick.net/gampad/ Frame 0BA7 		118 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&vpa=auto&vpmute=0&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=E8009EAB-1D4D-4C3C-BF20-613B9650F791&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html&dlt=1700481256067&idt=5288&dt=1700481266789&cookie=ID%3D1a41361e827bc7a2%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw&gpic=UID%3D00000cceb2dbfa89%3AT%3D1700481257%3ART%3D1700481257%3AS%3DALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ&correlator=4198793260488646&scor=3723421059598590&ged=ve4_td11_tt5_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
23cb515aa02f4d35c19a738a6076c4ff001fba5d19193a56ac630e66b3c4d445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19370
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
video10.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		323 KB
324 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video10.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:27 GMT
cdn-edgestorageid
1078
cdn-storageserver
DE-199
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
330880
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
05785fd34f28f1269640e9a0c3704482
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame 0BA7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp6un2c5&c=107145508175&slotId=53572754087.5&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=0&ytext_hd=1&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 0BA7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp6un3d4&c=107145508175&slotId=53572754087.5&qqid=CN_77a7C0oIDFVSR_Qcda78HYg&gqid=8khbZd3FMeOk9u8PgaKAyAQ&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=0&itv=1&met.4=ghmsh_s.lp6un3d8~ghmsh_s.lp6un3da&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=mnCeU5LBUJZQOFTY
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lp6umwxa&c=107145508175&slotId=53572754087.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-1gi7znek.googlevideo.com/ 		615 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-1gi7znek.googlevideo.com/videoplayback?expire=1700510067&ei=80hbZbz9Eemji9oP5s-lmAE&ip=85.195.240.28&id=8a61028aee0367a8&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=_z&mm=31&mn=sn-1gi7znek&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=424.460&lmt=1700303567675469&mt=1700480965&cpn=mnCeU5LBUJZQOFTY&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRgIhAK7OYBO1OyBeEp6OwWwR4qPfzExng79aVG7SQDeTkUGoAiEA9hhgi93d_5y57GNFmM2eZ0I5nCX07NqvcEDFDhkJRrM=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgFInSCShTS2YZnTP68GNK3EyRHlrea6xia4RO17iXMHwCIHNWvfMmVarkseB8iBGRQhPPtUh3LThCC-WrrQi-5hj7
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/shi-ni-ma-bei-shi-xiong-hao-quan-ti-zao-fa-fang-11wei-xing-yun-er-zhong-5zhang-quan-shuang-na-3000.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.108.200 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 20 Nov 2023 11:54:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 18 Nov 2023 10:32:47 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-22460859/22460860
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
22460860
Expires
Mon, 20 Nov 2023 11:54:27 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1700481267472&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=148380820&pt=557830503&tz=60&viewable=true&ddast=V8POUCLAZkVtFOZL_RtRHIrKKdyH6jaysAAABgYID-AElNTA7TxrZaiwarkVs0mNjcwsFm5FaOXCabYTWYjYwbIyCpiclh2thWa9FgNXKLBhObWzjYjNzKkctkM6wGs5FxYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ8aDodPte9Xvf73SU-z1zj9yv8mqPTLXe61Q63xOV0a45Ot_Dpt_vcQoffrXg97G7R0y19-N0yh1vmsPvcisXu5XQLn3afW_m6u1WWt_Tot_vcqunRYfe5Fa-H3a05uh52n1vucGsGg8FcaHqb7QAAAADgwf___z8EAAAAgAgAAAAAEgAAAAAoBFT4tyBwAQAAAADD____vwaAZw4L7PIcFB6Hx-nw_AMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwTQPjbH58iwiRQUFmEEAAAAoGoYnuPIJJ2gYlHl__-_3wrAFQCAgEV2SmeQLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEcIRfkwDRIxir-YXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIjDNHMOVi7TYjNzOYcby8hjs3gmM99i4Rk5R6PtMRZgsGZMHSrssyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBIODmWkwWQ3XopFt5BYNZ6O1cGTzuDWb2cg0Gy4Xi9FwLXp9TB_XaOOyDbdIMEBwL5KnRTpRmUaWkWUzWS1sholntRltHJ7dauYYLWariclkmoglmpNFOpFd9hWHaeYcrFymxWbmcg43lpHHZvFMZr7FwjNyjkb74mBmGkxWw7VoZBu5RcPZaC0c2TxuzWY2Ms2Gy8ViNFyLXh_TxzXauGzDfWM3GIyGi8lqtm_sBoPRcDFZzfYdOsN39TkblWWV5KNzGoa1pq3mNChcBov3pT6dhwVjQfv7HJ0mj-hZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX3N0uuVOt9rhlricbs3R6RY-_XafW-jwuxWvh90terqlD79b5nDLHHafW7HYvZxu4dPucytfd7fK8pYe_XafWzU9Ouw-t-L1sLs1R9fD7nPLHW7NYDCYC01vs0UsEZwu0onoZTxd1H_UgKu5YrmaS0aDuWS4SgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAABAscYea4CH2e0wvdwSn2fjtzIACeY8Zpt9RhBrtVrWAAAABLABAAAEcNONN4FjUdz_____OAAAADJy6AEAANDvA8I6cKXQC0fiVxCLxWC4fwAqxFqtVrcba7VaAQ1iN9pMJhP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!pl148380-820_vA!t45!u2822_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
995db8bd8b5b94fff564161ad51dd4733b70d72d2bb2e8dfd931ecbcf5052c67

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 11:54:27 GMT
content-encoding
gzip
server
nginx
machineid
1419
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B2F0 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 48C6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 11:54:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202111/2bf882849e3465db1eb55a718fa91639.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/9436781df30adda9cc1ad7f81ab6f203.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/62e76284948495397491fd259a83a640.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/58d0d4e5ac25132e2b1f1cad91b26d52.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/28273d5d9d6990579d63c5f67caf162a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202203/f7d23c997f931c0ea6b7cd23bd0a74cc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202201/2bf882849e3465db1eb55a718fa91639.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/ee089dea41efa1cf49df83e5e893180c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202111/cde17d7cb7036a83dddb8ced87e2eef9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/33f5b5b37777a7593e07e026d1e3ac50.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202111/60dd441d9d3f3bb2c5f2879e82d4cbdb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/181e1e1719a83efe37f9f1648972aab1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/30b15266f952e1e27fdfff0462ab340a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/5bd01fceddc112c377fe58f03ceffea8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202111/b00ad1e581647b85b22d63f4a80162c3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/ec275d6dc73e90f39946e53d0c9228d8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/1e77e81eb96db75da4615d8e00368945.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/9acaddc229779614bccd63aa38e17f02.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/14ad466621d64ee27504f558ba4d2fce.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/e4a4daccb980b8f00615a45d476b3e2d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/c1c0730bf13ee13dd8f4eb6859d356ca.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/ad1e9ececa31411bb33077d541532f95.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1e1d2f5e724af6a21a29b811732a5bf7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/5e0085d69a88e650cfe07b39796e70ce.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/45b27ea2ff34ce70865ae030e3c3277d.jpg?w=150&h=100&q=100
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmReY4VcSFdZLN7iMnOHGKiIoKsk_fmY6JfVUNrpo7tsl7LDMjfK9Sttc3ijVfuN-kMk-NM2Sbk20i2B1ahkqSD1mcIsEcFYhStLZlAbwUPXFhcpuP2hXPTwMMNgw_NZybQ1_UYyYWXvij2frutIbtbR%26google_hm%3D%5BUID%5D&google_gid=CAESEHVazq6dkV6YbYil4v3M3TU&google_cver=1
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _statcounter object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs object| adRecover function| setImmediate function| clearImmediate function| _typeof object| TRC object| _tblConsole undefined| msg object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| google_tag_manager object| google_tag_data object| googletag object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal function| checkFrameandInitStartFun function| processData function| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags string| nam object| placementData undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| ucf object| request string| paramsString object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| cmTag function| io object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals function| quantserve function| __qc object| ezt object| _qoptions object| _cm_wfCounters string| lastWfUrl function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun function| clientJsFunction boolean| descriptionPage object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| Zepto object| Backbone function| startCMTagMain string| category object| google_ad_modifications object| google_prev_clients function| OvaMediaPlayer object| vttjs function| WebVTT function| videojs function| shuffle object| entertainment object| arrToUse object| playlist object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| videojsContribAds object| $jscomp object| canAutoplay function| videojsPlaylist function| videojsIma function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| divWrapper object| closure_lm_866779 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| closure_lm_907545 function| prepareAdRequest

198 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: Cg8KBgiiARDFFgoFCAoQxRY
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1700481256.ECD3169F087E4FA2D1591EFFDA2CF845.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1700481256.0
.statcounter.com/ Name: is_visitor_unique
Value: 1700481256432001839
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1700481256.1.0.1700481256.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.861161258.1700481257
www.bg3.co/ Name: __AP_SESSION__
Value: 19560c6b-b3e4-4604-a43e-6fbc83e483ad
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D80f40258-4d6d-4864-8dfc-336d46891148-tuctc54ce68
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 5e0a9803-cd22-4857-b3a4-88ecef38bb56
.bg3.co/ Name: __gads
Value: ID=1a41361e827bc7a2:T=1700481257:RT=1700481257:S=ALNI_MYFSSKGpZM-0LwDSvHsIEtPXCrmyw
.bg3.co/ Name: __gpi
Value: UID=00000cceb2dbfa89:T=1700481257:RT=1700481257:S=ALNI_MZprw4zR294mb7E3ZeSjhnV_dgsUQ
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: 49e8f2aa0ee5f7f46ea75408df45712c
.aralego.com/ Name: sspid
Value: 85cafe20-f5eb-38ad-8f29-8901d274b545
.teads.tv/ Name: tt_viewer
Value: 8adde49d-de5a-4b5d-a829-faebc86d335c
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: C
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 2_1700481258_1700481258
.rubiconproject.com/ Name: khaos
Value: LP6UMWJB-1L-S8I
.aralego.com/ Name: euconsent-v2
Value:
.adform.net/ Name: uid
Value: 4117521118395718454
.adform.net/ Name: TPC
Value: 1700481258870
.quantserve.com/ Name: mc
Value: 655b48ea-de535-686e4-88900
.bg3.co/ Name: __qca
Value: P0-426779085-1700481258360
.yahoo.com/ Name: A3
Value: d=AQABBOtIW2UCENyMmNUR2BYjKGiTfRdfZIMFEgEBAQGaXGVlZQAAAAAA_eMAAA&S=AQAAAjhHom4zMz6Zbpqp931cWsM
.doubleclick.net/ Name: IDE
Value: AHWqTUnGUohfhqsW2-vWJdOw2_2qPTpdqA0EyDv8rCh1sB2u8LzJwSEldlQ7fMy-6AI
.bidr.io/ Name: bito
Value: AADaS07KtpIAABQ8zLmq8A
.bidr.io/ Name: bitoIsSecure
Value: ok
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1700481259.1.0.1700481259.0.0.0
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: de9aac0ad687e01d
.amazon-adsystem.com/ Name: ad-id
Value: A8XkB1sM3EOZjQwV0NnZPqw
.connatix.com/ Name: cnx_userId
Value: 214defb25a734930abcc74c6653a94ac
.tapad.com/ Name: TapAd_TS
Value: 1700481260119
.tapad.com/ Name: TapAd_DID
Value: e20e4a63-fafb-400b-8459-ec7cab95c3b6
.linkedin.com/ Name: bcookie
Value: "v=2&e595ed82-d266-47fd-821d-535cfcec478d"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDA0ODEyNjA7MjswMjHkpmXKSoYFYiTXlkmTi18zcKE4/Pk++r2ZW04DQfmeTw==
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2646:u=1:x=1:i=1700481260:t=1700567660:v=2:sig=AQGohaqWVxMOuVpqo3LJfo9lRAHukGTH"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.primis.tech/ Name: csuuid
Value: 655b48ec5c9e5
.casalemedia.com/ Name: CMID
Value: ZVtI7K260X9zfc-X-dAvRwAA
.casalemedia.com/ Name: CMPS
Value: 2205
.casalemedia.com/ Name: CMPRO
Value: 2205
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1700481261.1.0.1700481261.0.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.criteo.com/ Name: uid
Value: cf3e3e33-bb23-4edf-a138-da3a704b9cdc
.agkn.com/ Name: ab
Value: 0001%3AQsLbcfLOq3hJZlW2ZBJthJEorDZg1THi
.krxd.net/ Name: _kuid_
Value: P7VZrWJz
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 8a860adc9b275dd3
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-20T11%3A54%3A21%22%7D
.openx.net/ Name: i
Value: 7af994cd-b0c8-040b-2729-0f9a06ad4670|1700481261
.openx.net/ Name: pd
Value: v2|1700481261|gen0vNvQiygu
.bluekai.com/ Name: bku
Value: m3X99mN/VtDVB0yv
.bluekai.com/ Name: bkpa
Value: KJy9DQY+d02pSUHknpx6meDTwtkAwECCjsHkBekAnVHkBVW+Bs/NjYNCme/8nVjCjVJMmejA1p1NRN2k5P2MSYjLSVNo5e6hJk26wEWl1e96meW0BMWpBe/e99eqaIL=
.adnxs.com/ Name: uuid2
Value: 7474076783371387213
.lijit.com/ Name: ljt_reader
Value: HsAqvRZHqZL_pNejT3SGL5gs
.awin1.com/ Name: awpv11467
Value: 414915|1700481262|8b6cd470-879b-11ee-92fe-22394270969d
.awin1.com/ Name: awpv15168
Value: 414915|1700481262|8b6e0cf0-879b-11ee-98d5-22653d8c0e4c
.servenobid.com/ Name: pid_339
Value: y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
.servenobid.com/ Name: pid_337
Value: y-GZbQZpdE2uHksfl28tIOoCDtWvyIBXHTJ63c6C8-~A
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.onetag-sys.com/ Name: OTP
Value: SUNmv8MeOZzj1OURt-HXkjbLM8kO2PZ9r3sKMEFFPnI
.bidswitch.net/ Name: tuuid
Value: b9472c9d-d39c-4b72-aa46-b46d4f527426
.bidswitch.net/ Name: c
Value: 1700481262
.bidswitch.net/ Name: tuuid_lu
Value: 1700481262
.servenobid.com/ Name: pid_318
Value: eKBWEYpaotmCG1hZoNbYdik_XtkLPYeiwU2tMpj_SrU
.servenobid.com/ Name: pid_312
Value: 7474076783371387213
.smartadserver.com/ Name: pid
Value: 1703576616450435731
.servenobid.com/ Name: pid_310
Value: HsAqvRZHqZL_pNejT3SGL5gs
.t23.intelliad.de/ Name: iact
Value: 00011666EFD7C953909A0E631DF3C677C9AC
.t23.intelliad.de/ Name: iaimp_42842
Value: 1700481262:42842:100:137:101:248:101:202311201154225962017e76824068
.gumgum.com/ Name: vst
Value: e_4ac23427-36c5-4f53-b0f5-3102736fdd19
.servenobid.com/ Name: pid_333
Value: ZVtI7K260X9zfc_X_dAvRwAACJ0AAAAB
.ads.stickyadstv.com/ Name: UID
Value: 28971733828fdc2105d35b02078b7c9
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjSwMLE0NzazNBLiM9R1N8rKCazM0Y30TYkAAKdSBQYlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjSwMLE0NzazNBLiM9R1N8rKCazM0Y30TYkAAKdSBQYlAAAA
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4183471A-AE64-47F0-9BED-A2E4BE6A654E
.minutemedia-prebid.com/ Name: wrvUserID
Value: cjH5MJzzCp_mm
.servenobid.com/ Name: pid_317
Value: 2900844281158740583
.servenobid.com/ Name: pid_353
Value: 0000EEA
.awin1.com/ Name: AWSESS
Value: 346432:2246412
.yellowblue.io/ Name: wrvUserID
Value: -zT8MJ--kp_s
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-21bf0895-e317-3c53-877e-44c5746bd37b
.3lift.com/ Name: tluid
Value: 3132245888298051440211
.media.net/ Name: visitor-id
Value: 3434828620434827000V10
www.conrad.ch/ Name: HTLP_timestamp
Value: 1700481262950
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: x_ib7Y7BXFSAM6JZ1x1n63OLRqUZHuFA8af1KSXa_pc-1700481262-0-AbDhJDPkHprOflrZbrGaq494jK5ObigehTf3nfUnb27j+hm30WjBqMAQaCxQkhI1ZkvGEPKPRMlJlbu4HEhsHCs=
.servenobid.com/ Name: pid_309
Value: e_4ac23427-36c5-4f53-b0f5-3102736fdd19
.360yield.com/ Name: tuuid
Value: e15db571-bef7-4663-8073-3076ef359599
.360yield.com/ Name: tuuid_lu
Value: 1700481263
.turn.com/ Name: uid
Value: 8792481988559257043
.metadsp.co.uk/ Name: ruuid
Value: 6762e454-e412-4973-818b-489dcdb48b77
.metadsp.co.uk/ Name: c
Value: 1700481263
.metadsp.co.uk/ Name: ruuid_lu
Value: 1700481263
.contextweb.com/ Name: V
Value: 8S1oQI9hAMEP
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 065284337c6a8320
.yieldmo.com/ Name: yieldmo_id
Value: 3FHYPrrWWOre2k4QZy9Z%7C1700438400000%7C0
.servenobid.com/ Name: pid_348
Value: cjH5MJzzCp_mm
.servenobid.com/ Name: pid_352
Value: -zT8MJ--kp_s
.csync.loopme.me/ Name: viewer_token
Value: e0a6361e-61c3-4eac-aa8c-3123c77fc06c
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5275d14c-ad27-51bf-53ba-7b44a41015d1.tXIHfuw7Q0s8vYBckwu8PWI7rfUqEc0tO80CEA9C%2F2Q
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5275d14c-ad27-51bf-53ba-7b44a41015d1.tXIHfuw7Q0s8vYBckwu8PWI7rfUqEc0tO80CEA9C%2F2Q
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUnXRTK0nUb9TuntEpBAV0VXD8Bw.WPhcGpoB2hyR1DkmngsAzp2J7eUMB5aLsaTxmqLE3BQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUnXRTK0nUb9TuntEpBAV0VXD8Bw.WPhcGpoB2hyR1DkmngsAzp2J7eUMB5aLsaTxmqLE3BQ
.creativecdn.com/ Name: ts
Value: 1700481263
.creativecdn.com/ Name: u
Value: WJ0uIHaRmFD4EgG8WYzR
.creativecdn.com/ Name: g
Value: WJ0uIHaRmFD4EgG8WYzR_1700481263172
.liadm.com/ Name: lidid
Value: f87a751a-0d4c-4ec9-9feb-3fc873cbf8f1
.mediago.io/ Name: __mguid_
Value: f34e96999ebc24ab21fxv200lp6un036
.quantserve.com/ Name: d
Value: EM8BEQG8KvijCJiTAA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINyQfBy-NYDJQGdckuyV0suHgPheGTSldU5f2AmvodStEHwYBCDvke2qBjABOgTwi70wQgRAP6-b.GxEN7hr4lbBuvvzIpnVatd2WxVS8jyTRWFKCXtUeIzk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINyQfBy-NYDJQGdckuyV0suHgPheGTSldU5f2AmvodStEHwYBCDvke2qBjABOgTwi70wQgRAP6-b.GxEN7hr4lbBuvvzIpnVatd2WxVS8jyTRWFKCXtUeIzk
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2f5n:19e0~2f5n:196n~2f5n:194o~2f5n:175w~2f5n:18z8~2f5n"
.conrad.ch/ Name: __cf_bm
Value: O51ge.Q0Bi.q7UMwhBajzviesOXKNSd73rSpsxi40_Y-1700481263-0-ARurx56YGt+0oSWE4GIODlbkKsPtt7XeiJBuwwS8TOld3y9E9EUpPpFIwlr7lFP3W1oV/+3m4RjayHFtHsjE1nY=
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433831084973692
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6&KRTB&19420-dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6&KRTB&22979-dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6&KRTB&23462-dd1H8nfQF_FujBelcN1fpnveF6Ru0Eqpc9iBILK6
.servenobid.com/ Name: pid_316
Value: 4183471A-AE64-47F0-9BED-A2E4BE6A654E
.adfarm1.adition.com/ Name: UserID1
Value: 7303511412063664278
.ipredictive.com/ Name: cu
Value: 3d623962-00d1-4f7b-9ffd-91061e88e62a|1700481263546
.ctnsnet.com/ Name: cid_81d0b52e9ee447f5970455e50d407767
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHKM539-nEtZRjAXRY3UskM&KRTB&23025-CAESEHKM539-nEtZRjAXRY3UskM&KRTB&23386-CAESEHKM539-nEtZRjAXRY3UskM
.zemanta.com/ Name: zuid
Value: 3Cdbz4nENmYghW6LyDZs
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3Y+Yb3RNCDFH4Iuj37Kefgx++Laj0E0KxqhY5XI4ednytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ek7+8UWvn5lu
.adx.opera.com/ Name: UID
Value: OPU46c4162635e74bf0accfc7489ba82f87
.rezync.com/ Name: zync-uuid
Value: 85718b52-9398-4014-ba2d-4404aaf88991:1700481263.6458466
.weborama.fr/ Name: AFFICHE_W
Value: aw1pS-Sjdlpr88
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7303511412063664278&KRTB&23369-7303511412063664278
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8792481988559257043&KRTB&23150-8792481988559257043&KRTB&23527-8792481988559257043
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-UnXRTK0nUb9TuntEpBAV0VXD8Bw&KRTB&23334-UnXRTK0nUb9TuntEpBAV0VXD8Bw&KRTB&23417-UnXRTK0nUb9TuntEpBAV0VXD8Bw&KRTB&23426-UnXRTK0nUb9TuntEpBAV0VXD8Bw
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4117521118395718454&KRTB&23263-4117521118395718454&KRTB&23481-4117521118395718454
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7474076783371387213&KRTB&23339-7474076783371387213
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.adsby.bidtheatre.com/ Name: __kuid
Value: d80d9c84-e311-4d24-bf5e-5fa7f88f02dd.469695263
.servenobid.com/ Name: pid_323
Value: LP6UMWJB-1L-S8I
.sitescout.com/ Name: ssi
Value: 7b35772a-07a0-48b1-a6ad-b17e27b836f3#1700481263722
.de17a.com/ Name: guid
Value: 1.6979124475729010895
.creative-serving.com/ Name: tuuid
Value: 73ace345-1c47-4cb4-b6b4-120dbea4e5a8
.creative-serving.com/ Name: c
Value: 1700481263
.creative-serving.com/ Name: tuuid_lu
Value: 1700481263
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003%22%7D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13MsQ2AMAwEQDEAVeYwsp2P7bBNIsRAlJSMwHhUlESU19w9zeLMCFHLsHgGq7MdyaO4RC9KNdcgsIB6040ARmt7RK2yfsliKAGzMw2zm18_v5Il8MV6AAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4AA54LAbMhkLsXJ3v6sYZdzh0qspUIPs8SOAYuYlu-2xUgXNc92JIDJ_u_5YPzoAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU46c4162635e74bf0accfc7489ba82f87&KRTB&23485-OPU46c4162635e74bf0accfc7489ba82f87&KRTB&23524-OPU46c4162635e74bf0accfc7489ba82f87
.smartadserver.com/ Name: csync
Value: 124:e0a6361e-61c3-4eac-aa8c-3123c77fc06c|127:AADaS07KtpIAABQ8zLmq8A
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVtI7wABCfk8agBd
.audrte.com/ Name: arcki2
Value: 9f2ewp4hcraRKCZfXBxkK4KDQ!20220908!1700481263849!ip#85.195.240.28
.audrte.com/ Name: arcki2_pubmatic
Value: 4183471A-AE64-47F0-9BED-A2E4BE6A654E!20220908!1700481263849
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDQ4MTI2Mzg1NH0
.servenobid.com/ Name: pid_321
Value: RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d2a4031059ec0e3e6fe317187fe9f6e0
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6979124475729010895
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o3i|7dN.0.AADaS07KtpIAABQ8zLmq8A|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-7b35772a-07a0-48b1-a6ad-b17e27b836f3-655b48ef-4348&KRTB&23418-7b35772a-07a0-48b1-a6ad-b17e27b836f3-655b48ef-4348
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b9472c9d-d39c-4b72-aa46-b46d4f527426
.dotomi.com/ Name: DotomiTest
Value: 1fc6b934b7bf1848
.audrte.com/ Name: arcki2_ddp2
Value: 9f2ewp4hcraRKCZfXBxkK4KDQ!20220908!1700481263981
.simpli.fi/ Name: suid
Value: A379DE2D888F489CB298C763DF3EA238
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A379DE2D888F489CB298C763DF3EA238&KRTB&23486-uid:A379DE2D888F489CB298C763DF3EA238&KRTB&23489-uid:A379DE2D888F489CB298C763DF3EA238&KRTB&23539-uid:A379DE2D888F489CB298C763DF3EA238
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADaS07KtpIAABQ8zLmq8A
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAItEm7Y8jAUQNrKplkAAAAAAA&KRTB&22713-AAAItEm7Y8jAUQNrKplkAAAAAAA&KRTB&22715-AAAItEm7Y8jAUQNrKplkAAAAAAA&KRTB&23519-AAAItEm7Y8jAUQNrKplkAAAAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FuWlhZouYzByRKy6RZxPzPefX6-5B0wfuq2lLWuO-R9-9YB7q92qUM-oLffUp-QIRAmYVYmVLHE0TycA_Tae3uvY5uvoyGRTsE7Y1MnSOKm4mcnglLKQ9WMMiVEUfKRb1GCSoxw_gGJTCS5.ZVtI8A.bFlzKl2hJGvYGlmat4kSa6fSwDg
.audrte.com/ Name: arcki2_adform
Value: 4117521118395718454!20220908!1700481264122
.servenobid.com/ Name: pid_324
Value: 5141210828243336249
.socdm.com/ Name: SOC
Value: ZVtI8MCo8XsAAATsBpAAAAAA
.rlcdn.com/ Name: rlas3
Value: xkxP1njYBkyvvsokBk4SG+8eNvdzFz7Bxd69EpLbitg=
.rlcdn.com/ Name: pxrc
Value: CO2R7aoGEgUI6AcQABIGCLbqARADEgYIuuoBEAA=
.servenobid.com/ Name: pid_346
Value: ua-21bf0895-e317-3c53-877e-44c5746bd37b
.pubmatic.com/ Name: SPugT
Value: 1700481264
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: DPSync3
Value: 1701648000%3A235_227_226_219_197_201_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1701734400%3A35%7C1703030400%3A203%7C1701648000%3A56_238_54_176_196_8_165_166_264_234_46_3_214_21_22_81_13_161_251_220_71_55_233_88_249_254_243_7_99%7C1701302400%3A63%7C1701043200%3A223_15_2%7C1705622400%3A69
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f6121b9c-7255-429e-ba89-3ba03e08ed8e-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 0:4
.smilewanted.com/ Name: sw_user_params_infos
Value: 5uZA0qMoUPzxoKGAnt8ti%2BBMmb1MiYyyc71SV7fGkcOvOsuHZGfRlfxSVyGiXP80HR1cShVAY7ripKQ2DnRyWSZD14%2FbxBL3XL8JzLJTo4SoIuBclL7gMeKRMVRgty%2FwJBtJA3gcDwBK71PY0nWcfOwxzq4n0SSYF%2FbmG9OtEke9tLngSEuU5En2p0dMb5mQLKhuE%2BMQrMShhY5W4gnmgyJyFwzZ3bl02TNxO%2BsWXfPVP%2FN2n7OC5VplENH0goG%2FAPJatdKnS3SgUfCxjULDQjVOBaqKCKU92gBF5U2eDdMBip7iamoYnEZx%2Bn5DKWiKzZbAcAmlWlyRYbVD0x1xy91hL4AyUjD%2Bffr1p%2F18jfuIcH7ZqwWXtKzlhyo5b2h3dWVt2sbBglp%2FPOu5x8AJ%2Flb%2FOKq85Twq9vfvkYz%2FhI9gTYKuBEJNd2r%2BWLK87rH9f%2Bufv6SIE34Cakw0T7Vq1jQL7mVR4yPfbU6XjGRCfyhfjXdPLTLo7eFQTDi8VJ%2F2
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700502866248
.onaudience.com/ Name: done_redirects104
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.semasio.net/ Name: SEUNCY
Value: AE66FDB20D037F4E
.onaudience.com/ Name: done_redirects282
Value: 1
.onaudience.com/ Name: cookie
Value: 018a62b0b37f02a7
.onaudience.com/ Name: done_redirects200
Value: 1
.zeotap.com/ Name: zc
Value: 7289d091-2969-41d6-4962-67d0ffef8f9d
.pubmatic.com/ Name: PugT
Value: 1700481266
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JabSgUXhahYTMaXgT
.tribalfusion.com/ Name: ANON_ID
Value: aOntuJSyZaRHRT8vnPIvClMgo9PZd4vx9aCyADIkSjbI2tZb9PorG1cJ33H5jcrKHN82IDZdBrkZce00SwXRrIc8DfoeJ

30 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202111/cde17d7cb7036a83dddb8ced87e2eef9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202201/2bf882849e3465db1eb55a718fa91639.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202111/2bf882849e3465db1eb55a718fa91639.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/9436781df30adda9cc1ad7f81ab6f203.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/ee089dea41efa1cf49df83e5e893180c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202203/f7d23c997f931c0ea6b7cd23bd0a74cc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/28273d5d9d6990579d63c5f67caf162a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/62e76284948495397491fd259a83a640.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/58d0d4e5ac25132e2b1f1cad91b26d52.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/33f5b5b37777a7593e07e026d1e3ac50.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/5bd01fceddc112c377fe58f03ceffea8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202111/b00ad1e581647b85b22d63f4a80162c3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202111/60dd441d9d3f3bb2c5f2879e82d4cbdb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/181e1e1719a83efe37f9f1648972aab1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/30b15266f952e1e27fdfff0462ab340a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/1e77e81eb96db75da4615d8e00368945.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/e4a4daccb980b8f00615a45d476b3e2d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/9acaddc229779614bccd63aa38e17f02.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/ec275d6dc73e90f39946e53d0c9228d8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/c1c0730bf13ee13dd8f4eb6859d356ca.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/ad1e9ececa31411bb33077d541532f95.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/45b27ea2ff34ce70865ae030e3c3277d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/5e0085d69a88e650cfe07b39796e70ce.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1e1d2f5e724af6a21a29b811732a5bf7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/14ad466621d64ee27504f558ba4d2fce.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2Evc2hpLW5pLW1hLWJlaS1zaGkteGlvbmctaGFvLXF1YW4tdGktemFvLWZhLWZhbmctMTF3ZWkteGluZy15dW4tZXItemhvbmctNXpoYW5nLXF1YW4tc2h1YW5nLW5hLTMwMDAuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://a.teads.tv/media/flavors/native.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cdb8e87210a0ca781607e22327923a6.safeframe.googlesyndication.com
28b80d983001049884fdc6317880bd6b.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.ad-srv.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad13.ad-srv.net
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
capi.connatix.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
ct.conrad.ch
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal90008.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
live.rezync.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pro.ip-api.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rr3---sn-1gi7znek.googlevideo.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s8t.teads.tv
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smartphoto-media.com
socket.unibots.in
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.adx.opera.com
t.teads.tv
t2.teads.tv
t23.intelliad.de
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
tm.ad-srv.net
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trace.mediago.io
track.adform.net
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
vjs.zencdn.net
wf.taboola.com
www.awin1.com
www.bg3.co
www.conrad.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
static.bg3.co
sync.go.sonobi.com
103.231.174.251
104.102.45.165
104.16.89.20
104.18.186.224
104.18.25.173
104.18.38.76
104.18.41.104
104.19.240.24
104.20.219.77
104.22.24.87
104.22.68.131
104.26.5.103
108.129.5.53
116.202.48.214
124.146.153.170
13.107.42.14
13.32.27.10
13.32.27.99
13.32.99.61
130.211.44.5
134.122.57.34
138.199.36.10
138.199.37.225
138.201.63.150
138.201.63.164
139.144.5.218
141.226.224.32
141.226.228.48
141.94.171.215
141.94.242.206
142.250.181.226
142.250.184.193
142.250.184.196
142.250.184.227
142.250.185.106
142.250.185.130
142.250.185.194
142.250.185.202
142.250.185.66
142.250.186.102
142.250.186.130
142.250.186.35
142.250.186.97
142.250.74.194
146.59.148.16
147.75.84.158
149.126.4.39
151.101.193.44
151.101.194.137
151.101.2.49
151.101.65.44
151.101.66.217
152.199.21.70
154.54.250.151
162.19.138.116
162.210.196.208
162.55.120.196
172.217.16.193
172.217.16.198
172.64.151.101
172.67.74.129
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.184.223.197
18.195.152.190
18.196.51.148
18.197.198.113
18.198.57.253
18.200.74.130
18.209.71.169
18.66.112.67
18.66.97.111
18.66.97.31
184.30.21.51
184.30.22.30
185.106.33.48
185.184.8.90
185.29.132.241
185.59.220.198
185.64.190.78
185.64.191.210
185.86.138.150
185.86.138.153
185.86.138.155
185.86.139.102
185.89.210.153
192.96.203.13
193.0.160.130
193.122.128.135
195.5.165.20
198.47.127.18
198.47.127.20
2.16.238.14
2.16.97.41
2.18.160.23
2.18.161.51
2.19.126.72
2.23.197.190
208.93.169.131
209.54.182.161
213.155.156.185
216.239.32.36
216.52.2.16
216.52.2.39
216.58.212.136
23.201.255.110
23.212.89.35
23.32.184.180
23.32.185.35
23.35.236.201
23.97.225.52
3.121.8.101
3.221.116.77
3.233.145.170
3.33.220.150
3.69.18.37
3.75.62.37
34.111.113.62
34.111.129.221
34.120.63.153
34.233.55.153
34.246.188.97
34.247.205.196
34.250.107.139
34.95.81.168
34.98.64.218
35.186.193.173
35.186.253.211
35.208.249.213
35.210.239.72
35.214.180.70
35.236.220.17
35.244.174.68
37.157.4.29
37.157.5.73
37.157.6.232
46.228.164.11
46.228.174.117
5.9.97.245
50.31.142.255
51.77.64.70
51.89.9.252
52.16.22.123
52.215.24.0
52.30.73.115
54.163.246.158
54.165.170.24
54.170.171.251
54.171.158.15
54.228.208.22
54.36.108.3
54.72.113.40
54.78.254.47
63.251.232.165
67.220.226.234
69.173.144.137
69.173.144.138
69.173.144.139
69.173.144.140
69.173.144.165
74.125.108.200
76.223.111.18
77.243.51.121
77.245.57.72
79.125.51.132
8.18.47.7
8.43.72.97
82.145.213.8
85.114.159.93
89.207.16.140
91.228.74.168
95.101.148.20
98.98.134.241
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
031538e8246c95d3e2eb864048f65711bb61f7be59466f201dbab04b25d20c45
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06c19b767c5a4f32f0fa17bf35cd701900facfa105564cef5c61d9e89649da64
0774d72fa3e6e51cb2d73ae522548a82a7381438cf787f160ee28f01b243e149
07d05f49f77edc8afaf4851de46fb5ca37642a32365a68476080636ef4920f70
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09e14c097393e01af66ae85f97662d5a245e0941f483233998f39c5024c7900d
0a38b62cf381eaa74d4f3ea6301f26d75b161172c480caa50da6ff8967a151ad
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca7cef24e2ee118b5ef971943822304c6ce1d05970de2cb6aceac50a9ef3f6
0e74f29339bda35da749039ee4129d2c8f7423603c215098adb7fc2e9f4dfa67
0ee518905c8d0b61371c39d22ccbfcfc40b63248083f1fbeab8e965bef0ac1b3
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
132a512a7263a25b445c6c6f005e79a4b62c2e64dc1510207abc2342c7f0e660
1848c07baac491efd31919145deb2d62592de4d0f49cf51a655e5ace84186a70
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1a92d33f554ce1738ba8de92d34c2e82eb9aa06f4c29a530e7fe5348954dee07
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c268ab113a7d52033e7c4d86907523f1c4f504b82de84d67774bb7be6046833
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21618801ecedac8df5d9817f96991e6490f1e45c1d110261d3f2e86edd3bddff
22103664a3e32dc362fab1501f0b56cab92ab920b7d9cd2c084704d2d44510a7
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
23cb515aa02f4d35c19a738a6076c4ff001fba5d19193a56ac630e66b3c4d445
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26802c926a96d982462ffc09a88fc08de45bd9b8dc6e7f7ec701bbbd4883bba4
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26f2560c76237605dea97edf1b41b5024996646515162dd9092835b1dd7803c6
28e026f161423cce78e0ca4ed0be8cd12d40d7493fa34693ccd997b6336efb5f
29996083786b7c45a679db1d2ffc53bef4ea9db2722708a3394df912e6f08bd9
29fed531947f334253a55fb9e09553524dd47f058baaf5a15058e53ae414f168
2a48abf8abb4eb4632ebb9378fa6d6b7723e18e6ff2b21fe248991d86cb3b38d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2c93b3d2c96c411fb1dc225167c458da263b9247bd0f3a9409a919a31138294a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d7d35c3f0e3787bacb3751810f167c10d15b67d4b538403d8fab781ca93bee9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6f9b770875285347c8d91395a1beaaa3ab4d69a2cbd141e69c689662fc138f
301e6c6cf9d3992d62489f5bffc5e2b1878826640aeb427a4e56ff05e0f903f8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3354f123cd773f4cb98abc428c0d0b632b6c960a80daed1238b0ae84801710c3
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
375f82806b053c4641fb7f00545ed284b173f0078672978ea09b46fc95e8e4aa
38a0c32c2c0ca83c556e0079553686f731b7a1c4c8553a65cbb7877c1605a3e4
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
397e4855767b9fd7bb269563c3c16b4316532b8530fa22bb63901767d80ce1da
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aed54cf078852c46ce8fda57cd8c0d0df15f8034ebd77b165aadf01c690a85b
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff9267bd909bb07c13011982f40e3ac3cb47f047efa0481b561b749e962eb07
40a699c63f73838459f4896ad63f9e9d5e76fcc99dc498ec961553c2db227a2e
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bab35a004bbb257ee04af8cec82a2bb8a2f5d5eb989f4b3792cf4af88ae869
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
45c0a12dc14bbca7d59f3826fc57c3491eff7042d59ba79bf4634c8bc02b01a5
463c22dc8c2d4a1be87d3c8c018d947db83778f737fc751b09786e2bb15098f6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
4f0f1ba4a556e805f1dc51a163e57d5b3ea5707f0de3ffdf3ee5644802d3c90b
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
526e0c8275d83d3128391224ad8be0c13fc533540fd32328fdc854656e6f6822
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54374ca9aaab918b809ba0b892ca64608d5b90016d9504963cf0086543b8b24b
545d74e5bc8d28ec765c75421af8139b15aa179816aa3db2dcf0bbf3bd951fa8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56807ae7aac78c855f7eed7005224467a9aceadd4650ed1435d159bd0ed7fd7b
56a003d0ec375b1ddcbc1f431d75c3ad3a0a381d2034e7f3afe0ed9eceadc7e6
59c8ce09b1aaf0fbdff21b02a5b34d7caa2c1c3e2ed0e095bbb6cef17a946752
5c036eff22c2d20fc6ee4256cb05f531266317d2bae1338c06223e5e440a4bc5
5e0191866b70198f58f2f361124c6da016b6fd945f92dfb187738dae64917ec2
5e6326e5f874d98105cbde063ff5eb7134506f50687e393a0b0fde1696665699
5eeb86d477534d91cad7ead970143eb16ea7b7ff979d03622e0a45885865f3b4
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
667dbe72c15327d9395b3c168b978c56a62e33612d99e92db8bfc85edd75b25d
67db2b0c3deefc3f84f7ceaad4268e56b2220f2486c54c7b5ef34dab9f6f15b4
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
68d76794d4aeb8533ea3a0ad4ac9906609394671991531f869c06a58ceea0901
694ab50b2fb7c8c158cd646e6e06e4180af068411762ccac0a999de0bfb083e2
69a384e6903eebc49dfc11d357e9bdb516d42e458c8df8a6095242726ba45d4e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6ba2cc026d52f2538409d772333659645e50c96ad4046db8791a1362d2165992
6c8d47a6034307bb944699be960a5da5d005fd156cfd230c8ec261707e07d87e
6cbfc53259b69d29991ab5e7f1669aeff87bf0dbbe131a8c2f99772706e3dbfe
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
71f4499efa56831796e734d4e39cbc3943f9cc94d43498ae41b4cf7a85c15583
734446e57fa652f11e4a07499e8c29e7544b55d280c661d30ea5c4559e584114
75dafddaabed947a4a53a65c28ed47eacc0776d8cc15772bb253bc01962d97c7
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7a9f5bfe6d4ce01ab306a411e888b9506642a1140df9aa1f6745a5b26ef47195
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7ac3517a3dc7faa2258f56236360201bb0f23aa702ff53300bcb4efc8e4407af
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c0d02ed62f1e8c29f87bee49066c4bd25f0caea2e4e3abf05c3f6b940725a38
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81e6954871128dfe186d20bac99ce14914ea6097f7bc0865bbb39bd87f846fb2
823795570ca58ca3e3ff82c710acb3689e790223a3511c1c6ab6fff221f6510b
82559c3d323c22c9b4b3b07675201980161e66f4e2fa423526bc1db9f8a0e4ee
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
868a771e36482835204be9ca38a2c2a8df0465ccea1fab53a090243f45063ef6
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b6f510c76d49c6b1f3ce31698a30b4ae9aa10b553c3c8306de4366eb42e012c
8c76d9b55973334fee51f6e0f73610139ffaf318b3d5696787fefa86b445b014
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d16f32e1e2707c58c3e4b4a24a77756f79c722c68b759c13b1790f994bd2f36
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e93f4d7d8e8fbe1e3433968410d9fc6b8fba3b78504243aef73c40d757ce333
8ee33ba584dec62f105c296165d6a4608ee4dc077be0a298f5e82dabd231a2b8
8f4953b30e9b07322febf7b0996a8f2959f8271f4daec7c1e09519039201b475
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
981e6a9b0f29bb96c91283b5d7e214a2fd1ab8dc810bc7741b7821cf3dc24245
987fe342842bc4545e33dddba53fc214b1b848407b78317538dcf573fa0dae82
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
995db8bd8b5b94fff564161ad51dd4733b70d72d2bb2e8dfd931ecbcf5052c67
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a38aeba19257175b7386fef7772d3955118373a352dc8fb0af8e620ec48bb59
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9b88712930f2bc5fbd6b81e93c3397a65454686156e208501ded83c33ebd6ef5
9d9add773f436bfaa6f493d4718dbffb1d92b8b53f6399bbb5e7dc8ba494c226
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a446bff20e44b2ad64dc35f3eb66a297602784929e4bd33ef8440e425081d2ae
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4d2b272fca23306717f19b5e765340c841ba8e37757a4281cdf4bad513a411b
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aeeb4f76b26d9f9ed27670c20d654ec9121ae02f613aa8f4fffc9fa8d3e25fcc
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afee4edee69477bc19f5e45c258ce67d8e79b05432d26c117ff8c100004aecc2
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b059dc6605f0bb9478ea0bfe4e157ab79c9dfb3245680fef411c83f6c5ce07e6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3293749642a38ae63a4d29afcca7abc69250f934fd0f0585a662c6c2eff88ce
b499758f19f8908ac7f96fcb014f53fc5ab0fb1b372828c83c9c0d4f76403bcc
b4acaa15532c1ddad6fbba2c3b7c0eab6c0fdb6a7343be26353f357cca1370d3
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b79aaa51117a1951245d7ae76d7ba8b51ce157906c83274fb85c4f3c00b626f2
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd554a8804f9ebf7aa16382a25e67530cf822abbaf722157f2ad3a858151c71d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c353b95add73ee29a17ca96105740450358e2d23dc1a9b6db05fda835c2798cb
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c61e16d99a89f1a95eba2829ab592e0c12e843172af659fe54adb6ea3be85ea3
c67b487140ffa8908a362ccfe9c38c9f2f909384357774e91224a74075d78df8
c77615484d98e7e270b000f3210b0297ab039196c109f27e38339ce0dcd71586
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
c9ce49ef364cf2950aed5e50799ce8cc6ca3484f393d179a31dc7425957d549e
c9df1483efd0368918ed03e1d8596badd7042971f044654e9bbcb3a5db132606
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb40fcf965f3d229a5a881610d25acfa093d88e2d4f289f6a840eb77605bee2f
cba257585abb156039a5350a5c976ad49f456ae9bdc5dd358c820d95550c4e13
cc0a1cb7f121c79e5d263d4b826802abf870db94b2f85e3fe6d399190d3a428f
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d09bbf5a3eedc517944746c3b161073aca9b18426de79f97c46b1f565223285b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d44bbab775ae10d769bae142bf5204bc505a0388ee4288137f2ab613cc5f07a9
d622c8e6b745047b3a60c01884c6ee7a1786d71c57154fb499eb562416adf266
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9c53fd4e9b36e61902e61a094a46bc12afc3c9e05915b9c7567f424e9ea5d77
da39d73efc7b689981eb9a0efe62dfb75630d3bc96b59cb9def7e3e8b319697b
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
ded71afe368361dc6df8cd5ceb1b1487c74d3551b1ac3f6565670de91ac04093
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfee1bd52507e6079bb03907bc1e69549698bbbcd4b48ee20abffee59c3130fc
e3123c7754c686dad6de439180c9c086abaee0c2a036052d203f298a0dd96642
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5535630aee81a6e646850eb23f3d587ee14f9c46ce9e47bf6ce68f15e11295e
e57ed78afee3ccb5320cc741459f82ade5883644242f3a06687086418012facd
e64d2ade9c3241f90069e1052f604316d35e3948084b463b7f04597c78bda549
e78c151c3067b2ba4515c931bd4c6b3facacea184113293cb542340bf630d9a6
e84a392c62b318acbfd3ef9454cbec30ee39ed7f078ce4824182b50760e64b90
ea8b99401dbe358a299402c6d93400c1bbaccf061c343f651950717ed4ae74bd
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f258fa04db9e260e56de5cf937578644a11f91dc1c740876e01734422e014998
f281a2c9029f18139e99793cb086b71fd4eb03f9aa85539a3f0b8a993e0e2c6a
f4241f69003507c35c7127c2e0ba2ea84dd8341b56cc82dc7a5dcaac1737e0ac
f471474dd75493645ff390d1453f47391552c551c7afc66a35790d37559d3276
f49b76bcedfbd3a70cccf72017a02878dc92f9c746a7d975b01730f3f240f681
f56bc825839f62fe7b2597768b08fa433e8ad2e02db872cface67b4821ffe034
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f69d43dc78521b99af5688cd3074a0412de049ece8993971b02092dbbf8604f9
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc0fe552950cfeac25f1bb699901c19ae355aef2bb7a8e46fb26db6814593654
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8