urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Submission: On September 11 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 129 IPs in 17 countries across 119 domains to perform 628 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 754565.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 2a00:1450:400... 15169 (GOOGLE)
1 26 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
3 9 192.96.203.13 30633 (LEASEWEB-...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
32 151.101.129.44 54113 (FASTLY)
39 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 141.226.228.48 200478 (TABOOLA-AS)
5 2a00:1450:400... 15169 (GOOGLE)
8 23.97.225.52 8075 (MICROSOFT...)
24 175.110.113.216 49981 (WORLDSTREAM)
1 151.101.1.44 54113 (FASTLY)
33 185.106.33.48 200478 (TABOOLA-AS)
3 5 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 14 172.64.148.101 13335 (CLOUDFLAR...)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
12 104.22.69.131 13335 (CLOUDFLAR...)
3 5 147.75.84.158 54825 (PACKET)
5 104.79.89.16 16625 (AKAMAI-AS)
3 35.227.252.103 15169 (GOOGLE)
7 51.75.86.98 16276 (OVH)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 3.124.92.220 16509 (AMAZON-02)
6 9 37.252.173.215 29990 (ASN-APPNEX)
1 18.193.230.43 16509 (AMAZON-02)
18 52.51.73.145 16509 (AMAZON-02)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 185.255.84.151 200271 (IGUANE-)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
8 8 3.78.196.102 16509 (AMAZON-02)
1 175.110.113.208 49981 (WORLDSTREAM)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
7 2404:6800:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 4 23.201.255.110 16625 (AKAMAI-AS)
10 95.101.149.233 16625 (AKAMAI-AS)
6 9 2a05:d018:d29... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
12 34 142.250.185.130 15169 (GOOGLE)
7 8 37.157.5.84 198622 (ADFORM)
2 2 69.166.1.35 27630 (AS-XFERNET)
2 5 209.191.163.209 32475 (SINGLEHOP...)
1 1 54.155.169.152 16509 (AMAZON-02)
4 3.77.247.132 16509 (AMAZON-02)
5 7 69.173.144.138 26667 (RUBICONPR...)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 190.2.150.144 49981 (WORLDSTREAM)
4 4 69.173.144.139 26667 (RUBICONPR...)
2 5 67.220.226.234 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 5 52.46.130.91 16509 (AMAZON-02)
7 3.33.220.150 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:24e... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 185.84.60.20 198622 (ADFORM)
3 15 104.75.89.75 16625 (AKAMAI-AS)
13 2.18.161.51 16625 (AKAMAI-AS)
4 4 178.250.1.9 44788 (ASN-CRITE...)
1 18.198.69.109 16509 (AMAZON-02)
1 2 69.192.160.219 16625 (AKAMAI-AS)
1 35.244.174.68 15169 (GOOGLE)
1 108.129.25.174 16509 (AMAZON-02)
1 18.203.183.215 16509 (AMAZON-02)
1 54.154.20.43 16509 (AMAZON-02)
2 2a02:2638:d::4 44788 (ASN-CRITE...)
2 142.250.181.226 15169 (GOOGLE)
16 2a02:2638:d::2 44788 (ASN-CRITE...)
2 178.250.7.9 44788 (ASN-CRITE...)
3 3 3.120.226.29 16509 (AMAZON-02)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 154.59.122.79 174 (COGENT-174)
3 4 185.86.138.150 201081 (SMARTADSE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:d::11 44788 (ASN-CRITE...)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
2 3 76.223.111.18 16509 (AMAZON-02)
3 7 34.98.64.218 396982 (GOOGLE-CL...)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
1 184.30.20.22 16625 (AKAMAI-AS)
1 13.32.99.50 16509 (AMAZON-02)
1 54.77.46.237 16509 (AMAZON-02)
3 23.35.236.201 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 3.234.116.116 14618 (AMAZON-AES)
1 2 216.52.2.16 30282 (AS-INAPCD...)
7 7 46.228.174.117 56396 (AMOBEE)
3 3 2001:678:cb4:... 56396 (AMOBEE)
2 2 193.0.160.131 54312 (ROCKETFUEL)
4 4 3.71.149.231 16509 (AMAZON-02)
2 2 44.199.97.70 14618 (AMAZON-AES)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 1 8.2.110.24 46636 (NATCOWEB)
2 5 185.86.139.104 201081 (SMARTADSE...)
1 1 2600:9000:211... 16509 (AMAZON-02)
2 2 185.255.84.152 200271 (IGUANE-)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 63.251.232.170 32475 (SINGLEHOP...)
2 3 95.101.54.235 20940 (AKAMAI-ASN1)
3 5 151.101.66.49 54113 (FASTLY)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 16 34.247.233.198 16509 (AMAZON-02)
2 2 35.210.239.72 19527 (GOOGLE-2)
2 3 70.42.32.191 22075 (AS-OUTBRAIN)
2 2 54.167.186.89 14618 (AMAZON-AES)
1 1 52.0.248.85 14618 (AMAZON-AES)
1 38.91.45.7 398989 (DEEPINTENT)
2 2 64.202.112.127 22075 (AS-OUTBRAIN)
2 2 63.35.57.217 16509 (AMAZON-02)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 4 198.47.127.19 62713 (AS-PUBMATIC)
1 1 202.241.208.54 4694 (IDCF IDC ...)
1 80.77.87.161 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 8.43.72.98 26667 (RUBICONPR...)
6 34.249.177.138 16509 (AMAZON-02)
6 7 198.47.127.18 3257 (GTT-BACKB...)
2 2 31.172.81.172 44066 (DE-FIRSTC...)
3 12 185.64.190.80 62713 (AS-PUBMATIC)
3 4 162.55.236.225 24940 (HETZNER-AS)
2 10 198.47.127.205 62713 (AS-PUBMATIC)
2 3 54.77.82.203 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 44.206.88.126 14618 (AMAZON-AES)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
1 185.64.190.81 62713 (AS-PUBMATIC)
2 2 188.42.34.65 7979 (SERVERS-COM)
2 2 8.2.108.194 46636 (NATCOWEB)
1 52.213.151.23 16509 (AMAZON-02)
1 1 37.157.3.20 198622 (ADFORM)
3 198.47.127.20 3257 (GTT-BACKB...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 35.214.209.65 15169 (GOOGLE)
5 5 52.31.253.130 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.171.215 16276 (OVH)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.242.206 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
1 1 35.186.154.107 15169 (GOOGLE)
1 23.88.86.2 24940 (HETZNER-AS)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
628 129
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
26    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
9    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
4    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    2a02:26f0:480:f::213:7ede (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.adpushup.com
32    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
39    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
104ebd0ebba7900dd8a9c965df094f7f.safeframe.googlesyndication.com
5f46b4dda7d494b425316c7180c2bfe6.safeframe.googlesyndication.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
24    175.110.113.216 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-216.hosted-by-worldstream.net
ad.vidverto.io
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
33    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
5    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-7592421742405036487.ampproject.net
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
14    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
12    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
5    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com
a.teads.tv
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
7    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    3.124.92.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-92-220.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
9    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    18.193.230.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-230-43.eu-central-1.compute.amazonaws.com
tlx.3lift.com
18    52.51.73.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
3    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:20ab:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
8    3.78.196.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-196-102.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    175.110.113.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-208.hosted-by-worldstream.net
ad.vidver.to
1    2606:4700:e6::ac40:c526 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
7    2404:6800:4002:816::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
37    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    2a05:d018:d29:3601:970f:dde0:5c57:1e8b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
34    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
8    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
5    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    54.155.169.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-169-152.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
4    3.77.247.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
match.sharethrough.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    190.2.150.144 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-150-144.hosted-by-worldstream.net
cdn.vidverto.io
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
5    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:1f18:24e6:b901:6050:e3cc:2cea:ee57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
7    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
15    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
s8t.teads.tv
studio-t.teads.tv
13    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
t.teads.tv
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    108.129.25.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-25-174.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    18.203.183.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    54.154.20.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-20-43.eu-west-1.compute.amazonaws.com
sync.springserve.com
2    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
16    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
3    3.120.226.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-226-29.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
4    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    13.32.99.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-50.fra60.r.cloudfront.net
public.servenobid.com
1    54.77.46.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-46-237.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:8400:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    3.234.116.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-116-116.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    44.199.97.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-97-70.compute-1.amazonaws.com
ssp.disqus.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
5    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2600:9000:211e:9600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    63.251.232.170 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
3    95.101.54.235 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-235.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2a05:d018:cc3:fe05:3a22:211:eb82:9c6b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
16    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.167.186.89 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-186-89.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.0.248.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-248-85.compute-1.amazonaws.com
sync.ipredictive.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    64.202.112.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    63.35.57.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-57-217.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    34.249.177.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
cs.minutemedia-prebid.com
7    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
2    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
12    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
10    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    54.77.82.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    44.206.88.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-88-126.compute-1.amazonaws.com
a.audrte.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    52.213.151.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-151-23.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
1    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.214.209.65 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 65.209.214.35.bc.googleusercontent.com
csync.loopme.me
5    52.31.253.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-253-130.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
3    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.242.206 (France)

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh
green.erne.co
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
1    35.186.154.107 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
81 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
104ebd0ebba7900dd8a9c965df094f7f.safeframe.googlesyndication.com
5f46b4dda7d494b425316c7180c2bfe6.safeframe.googlesyndication.com
774 KB
71 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
669 KB
67 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1076
trc.taboola.com — Cisco Umbrella Rank: 674
trc-events.taboola.com — Cisco Umbrella Rank: 2161
vidstat.taboola.com — Cisco Umbrella Rank: 2913
il-trc-events.taboola.com — Cisco Umbrella Rank: 17784
images.taboola.com — Cisco Umbrella Rank: 1811
688 KB
40 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 572
image6.pubmatic.com — Cisco Umbrella Rank: 869
image8.pubmatic.com — Cisco Umbrella Rank: 746
simage2.pubmatic.com — Cisco Umbrella Rank: 896
image2.pubmatic.com — Cisco Umbrella Rank: 1056
image4.pubmatic.com — Cisco Umbrella Rank: 1271
simage4.pubmatic.com — Cisco Umbrella Rank: 1301
43 KB
33 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1581
sync.teads.tv — Cisco Umbrella Rank: 1452
t.teads.tv — Cisco Umbrella Rank: 3054
s8t.teads.tv — Cisco Umbrella Rank: 6200
studio-t.teads.tv — Cisco Umbrella Rank: 8496
2 MB
30 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 31959
cdn.vidverto.io — Cisco Umbrella Rank: 43491
425 KB
28 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 981
fastlane.rubiconproject.com — Cisco Umbrella Rank: 557
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1188
eus.rubiconproject.com — Cisco Umbrella Rank: 656
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
token.rubiconproject.com — Cisco Umbrella Rank: 662
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1232
68 KB
25 criteo.net
static.criteo.net — Cisco Umbrella Rank: 653
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8975
csm.eu.criteo.net — Cisco Umbrella Rank: 8658
175 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2661
public.servenobid.com — Cisco Umbrella Rank: 5257
10 KB
17 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1688
usersync.gumgum.com — Cisco Umbrella Rank: 2138
5 KB
17 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 455
bidder.criteo.com — Cisco Umbrella Rank: 866
dis.criteo.com — Cisco Umbrella Rank: 633
ads.eu.criteo.com — Cisco Umbrella Rank: 8559
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9381
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15092
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14574
mug.criteo.com — Cisco Umbrella Rank: 2500
100 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 645
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629
dsum.casalemedia.com — Cisco Umbrella Rank: 1573
8 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
7 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15734
e3.adpushup.com — Cisco Umbrella Rank: 18621
282 KB
12 gstatic.com
csi.gstatic.com
www.gstatic.com
fonts.gstatic.com
54 KB
12 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6963
csync.smilewanted.com — Cisco Umbrella Rank: 3056
static.smilewanted.com — Cisco Umbrella Rank: 11944
18 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 399
218 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
7 KB
10 adform.net
c1.adform.net — Cisco Umbrella Rank: 660
adx3.adform.net — Cisco Umbrella Rank: 62285
dmp.adform.net — Cisco Umbrella Rank: 3578
cm.adform.net — Cisco Umbrella Rank: 1256
6 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
acdn.adnxs.com — Cisco Umbrella Rank: 643
secure.adnxs.com — Cisco Umbrella Rank: 500
24 KB
10 openx.net
rtb.openx.net — Cisco Umbrella Rank: 796
adpushup-d.openx.net — Cisco Umbrella Rank: 25659
us-u.openx.net — Cisco Umbrella Rank: 518
eu-u.openx.net — Cisco Umbrella Rank: 2750
u.openx.net — Cisco Umbrella Rank: 724
2 KB
9 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 906
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730
4 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
9 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1197
x.bidswitch.net — Cisco Umbrella Rank: 369
12 KB
9 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 37628
sync.aralego.com — Cisco Umbrella Rank: 3214
4 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5532
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 4352
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
2 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 747
ce.lijit.com — Cisco Umbrella Rank: 1071
3 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
imasdk.googleapis.com — Cisco Umbrella Rank: 521
821 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 799
4 KB
6 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1977
www.google-analytics.com — Cisco Umbrella Rank: 49
761 B
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
340 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 632
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
1 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 624
3 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 962
s.tribalfusion.com — Cisco Umbrella Rank: 2311
3 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
656 B
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1322
pixel.quantserve.com — Cisco Umbrella Rank: 1108
cms.quantserve.com — Cisco Umbrella Rank: 933
11 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2910
3 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2211
1 KB
4 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
www.googleadservices.com — Cisco Umbrella Rank: 156
813 B
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 610
103 B
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3462
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3625
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 666
eb2.3lift.com — Cisco Umbrella Rank: 440
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15983
42 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3243
pixel-eu.onaudience.com — Cisco Umbrella Rank: 15699
1 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3456
spl.zeotap.com — Cisco Umbrella Rank: 3359
1 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 957
1 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 886
1005 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 605
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 991
1 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2275
cs.yellowblue.io — Cisco Umbrella Rank: 2753
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1052
3 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4269
visitor.omnitagjs.com — Cisco Umbrella Rank: 1072
1 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1453
contextual.media.net — Cisco Umbrella Rank: 712
hbx.media.net — Cisco Umbrella Rank: 1338
10 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5086
560 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1294
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3341
992 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1606
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 935
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 770
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20565
497 B
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3871
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 596
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 617
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 743
647 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 597
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 773
2 KB
2 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5047
909 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1513
563 B
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3508
cs.admanmedia.com — Cisco Umbrella Rank: 1127
366 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1432
866 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 982
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1332
961 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 733
cdn.indexww.com — Cisco Umbrella Rank: 1763
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249
10 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1373
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 701
stags.bluekai.com — Cisco Umbrella Rank: 628
963 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9350
505 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1120
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
90 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 820
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27806
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16086
c.statcounter.com — Cisco Umbrella Rank: 10633
15 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4338
464 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 7143
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3221
644 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 24751
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6242
279 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5824
369 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3169
308 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1528
552 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1063
225 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767
524 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1207
837 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1148
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1099
465 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1446
181 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 18174
269 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10371
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 780
458 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1988
160 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3745
206 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 745
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 558
500 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 447
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1801
324 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 405
649 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
17 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 752
595 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 23946
3 KB
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 55771
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10548
258 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1255
634 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351
2 KB
1 ampproject.net
d-7592421742405036487.ampproject.net
1 bg3.co
www.bg3.co — Cisco Umbrella Rank: 754565
static.bg3.co Failed
15 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
628 119
Domain Requested by
39 pagead2.googlesyndication.com cdn.ampproject.org
securepubads.g.doubleclick.net
www.bg3.co
ads.aralego.com
pagead2.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
37 tpc.googlesyndication.com www.bg3.co
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
34 cm.g.doubleclick.net 12 redirects www.bg3.co
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
eus.rubiconproject.com
sync.teads.tv
googleads.g.doubleclick.net
adpushup-d.openx.net
g2.gumgum.com
33 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
24 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
20 securepubads.g.doubleclick.net 1 redirects www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
18 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
16 usersync.gumgum.com 1 redirects g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
16 static.criteo.net ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 images.taboola.com www.bg3.co
13 t.teads.tv www.bg3.co
12 simage2.pubmatic.com 3 redirects ads.pubmatic.com
public.servenobid.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 image2.pubmatic.com 2 redirects ads.pubmatic.com
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
9 csync.smilewanted.com cdn.adpushup.com
public.servenobid.com
csync.smilewanted.com
9 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
9 www.google.com 1 redirects www.bg3.co
tpc.googlesyndication.com
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
googleads.g.doubleclick.net
9 googleads.g.doubleclick.net www.bg3.co
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
8 x.bidswitch.net 8 redirects
8 e3.adpushup.com www.bg3.co
7 image8.pubmatic.com 6 redirects ads.pubmatic.com
7 s8t.teads.tv a.teads.tv
www.bg3.co
s8t.teads.tv
7 sync.teads.tv 3 redirects a.teads.tv
sync.teads.tv
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 match.adsrvr.org eus.rubiconproject.com
sync.teads.tv
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
7 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 csi.gstatic.com securepubads.g.doubleclick.net
imasdk.googleapis.com
7 onetag-sys.com cdn.adpushup.com
ad.vidverto.io
public.servenobid.com
csync.smilewanted.com
6 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
6 imageproxy.eu.criteo.net ads.eu.criteo.com
6 cdn.vidverto.io www.bg3.co
6 ib.adnxs.com 3 redirects cdn.adpushup.com
acdn.adnxs.com
6 sync.aralego.com 2 redirects ads.aralego.com
www.bg3.co
eus.rubiconproject.com
6 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 match.prod.bidr.io 5 redirects
5 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
5 sync.1rx.io 5 redirects
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
5 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
adpushup-d.openx.net
ads.pubmatic.com
5 ap.lijit.com 2 redirects public.servenobid.com
csync.smilewanted.com
cs-rtb.minutemedia-prebid.com
5 a.teads.tv cdn.adpushup.com
a.teads.tv
www.bg3.co
5 prebid.a-mo.net 3 redirects cdn.adpushup.com
5 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 ups.analytics.yahoo.com 4 redirects
4 ssbsync.smartadserver.com 3 redirects public.servenobid.com
4 dis.criteo.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 match.sharethrough.com 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
public.servenobid.com
cs-server-s2s.yellowblue.io
csync.smilewanted.com
4 secure-assets.rubiconproject.com 4 redirects
4 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 simage4.pubmatic.com ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 secure.adnxs.com 3 redirects
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 us-u.openx.net 1 redirects adpushup-d.openx.net
3 cms.quantserve.com 3 redirects
3 ad.turn.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 a.tribalfusion.com 2 redirects ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 www.gstatic.com www.bg3.co
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
3 fonts.googleapis.com cdn.taboola.com
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
www.bg3.co
3 rtb.openx.net cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 trc.taboola.com cdn.taboola.com
3 ads.aralego.com 1 redirects ads.aralego.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 uipglob.semasio.net 1 redirects public.servenobid.com
2 mwzeom.zeotap.com public.servenobid.com
2 us.ck-ie.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 sync.bumlam.com 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 u.ipw.metadsp.co.uk 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 visitor.omnitagjs.com 2 redirects
2 ssp.disqus.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ce.lijit.com 1 redirects public.servenobid.com
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 ums.acuityplatform.com 2 redirects
2 s.tribalfusion.com googleads.g.doubleclick.net
2 cat.fr3.eu.criteo.com ads.eu.criteo.com
2 www.googleadservices.com www.bg3.co
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 fonts.gstatic.com ad.vidverto.io
2 www.google-analytics.com www.bg3.co
2 sync.go.sonobi.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 ads.playground.xyz 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 t.adx.opera.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cm.adform.net 1 redirects
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 u.openx.net 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 s.ad.smaato.net 1 redirects
1 eu-u.openx.net adpushup-d.openx.net
1 sync.admanmedia.com 1 redirects
1 hbx.media.net 1 redirects
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 static.smilewanted.com csync.smilewanted.com
1 public.servenobid.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 mug.criteo.com
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
1 studio-t.teads.tv www.bg3.co
1 sync.springserve.com sync.teads.tv
1 beacon.krxd.net sync.teads.tv
1 aa.agkn.com sync.teads.tv
1 idsync.rlcdn.com sync.teads.tv
1 tags.bluekai.com sync.teads.tv
1 loadm.exelator.com sync.teads.tv
1 adx3.adform.net imasdk.googleapis.com
1 5f46b4dda7d494b425316c7180c2bfe6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 104ebd0ebba7900dd8a9c965df094f7f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 px.ads.linkedin.com eus.rubiconproject.com
1 s0.2mdn.net imasdk.googleapis.com
1 stats.g.doubleclick.net cdn.ampproject.org
1 ads.yieldmo.com 1 redirects
1 pixel.quantserve.com www.bg3.co
1 amp.analytics-debugger.com cdn.ampproject.org
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-7592421742405036487.ampproject.net cdn.ampproject.org
1 secure.quantserve.com cdn.adpushup.com
1 vidstat.taboola.com cdn.taboola.com
1 trc-events.taboola.com cdn.taboola.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 match.adsby.bidtheatre.com Failed public.servenobid.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 static.bg3.co Failed www.bg3.co
628 203
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
cdn.vidverto.io
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh

This page contains 113 frames:

Primary Page: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Frame ID: DB68296820C6FD43F4505C19D6A32BB0
Requests: 215 HTTP requests in this frame

Frame: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3BC2D08AC1626643D119EEE88BAB22F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZd_KNF25ja7GrAzCaXPa61-1lyWviHoCiFMVvm14t0OXaPxWrYiXy-dxrYSC-C-AYiSqj3cxrqtSZdFsP4alnypCgHrpk9nSo-a3keraqewTei99ebnTq_ksZn_e_5iYUpjipMXW5lNhoHpJITseWLwfXG5f4kos7tnTLP9b2LPi3HzXN1BH1LZ-nNB3XoqNnH8BjDhFsu-kG9eZXif3Q5uGHj6n-0pvJb3xVc12CENruwniO-l7CXL_HqMRmQxDweQl_AHCG5pkE7h12SKgiPlpC3kZL4T8NPOjLyn_duqRHMnG1HPOWti7UeVeaaqq67w&sai=AMfl-YR9DLzopXI0IMXr3-Df7SYfwJ8G3meku_NDHT0AHlRzWRtH0Y_aXl7O_qJ0gQzYB9Wm4xjMTyVmDLRSTyOatRZunIsyB7BffmJ5PHyr92_qUha90SbXoG4x-bJ-ZL7B273pILviFOOgByQGPqQ&sig=Cg0ArKJSzEuJQap0MQouEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2D552E5DCD47F1A35AEE27DCD20AAE81
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 24705C9EB2C8A726BB8921B0A52E9246
Requests: 1 HTTP requests in this frame

Frame: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C00E0F8EA7E300DA246927BF7A6BB7E7
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B943D273C10FDB92A69417A844EF79EE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EC4BC20827BB466F41D65B4AC020A770
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FCC0394039868D5887ACFD1B91201ABA
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 472C5957A49622CC8A38F1FB15AAEB41
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 77F5FA84A31D9248F5F32379E43C0FDD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 0FDA360D0CC8726E4FA3EA930A7A9368
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 60F2B0BC84AD97AE03E9D717E3BA5885
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 931230EA273013EA5B2B8F32F6099CC0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B287FD5200B17D4005360D95E4FA51FA
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: 5C271A313DEFF358F8630AF2FD42A662
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 63EE84B0AC0C3A9BE2D6AAFF409DBD30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 2582C913E21894488F5A86D175CC5BCD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: D15CB4FA8A8ABC0A3359B7316356B8AA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: A95DA2CD917B8DB64B693DBE7D41A080
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DC323594F2C7FE88E058C063F84FE6EF
Requests: 1 HTTP requests in this frame

Frame: https://104ebd0ebba7900dd8a9c965df094f7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 73DEBEA982F1D71E8B7BB2522DA212AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Frame ID: ABB73C2E07DD45A80B7F12242D309846
Requests: 7 HTTP requests in this frame

Frame: https://5f46b4dda7d494b425316c7180c2bfe6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 31C00E96B61B3FAC6AB771D831826C0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-37491243461962603652&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3278&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=4007446&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&ga_hid=1819538051&dt=1694435654786&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&bdt=2182&dtd=120&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 8FF329D76D7CBAA5A0ADD3367E48F5B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Frame ID: 102A46E97CEE2EA81DBA2BD484D62CFD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66B2D0252EA046E4E6B5EC0CF97AF8E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7520ED05A78ADA46527442BCC5DA2177
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPP5w0_ytunZx0p5wSfcGKoRF6UTFXygcxB-FF6QSrZsCGtni7-nGmPd7TfroqpNQiRn1IFfLV8_5saIVdfq3HjydyrMux1Br25j4TVg5m7aCf0b2MxmJ0kDiTwl4zUWenAWO2Zg1_f8uUamuInG75MW1DwCOg3i28_pHEUNm8jklWTUNYdIDYlz37_iOV81TArVVeg-LspW-tpA6po7q49XwSaU3wo5K4MJp044i4UQRFvI8WcPIY6EVqwCGXE5O7valLgUujLm-uUNuBm4cH0ctbSBO4zFBi5PkzbXB3ed3diROwnioyx8w1OLJ0im7l&sai=AMfl-YQ7Z-GdOiOrPtQDJiiZgQ8isbjl99W7jFQIIvopash8AQIzWaOBM4hgji846Mg-jcFdW09_T8jXIPMelGM9pok2b5MYwb-tNg91rrxUnkL-AclLvtVJ8TDzq0MBDQ&sig=Cg0ArKJSzG1QKa-qI0PgEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AFFD03984037C9C2F2526076E6B2E163
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A075483D21E78452DFE098CF5BCDC472
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 253B660D6CB7054359B75666823CE8EE
Requests: 2 HTTP requests in this frame

Frame: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73C174949866AB06A05AA7799FA05044
Requests: 9 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Frame ID: 484F78E1C74FD98E6F5CB09F8789838B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html
Frame ID: A1A719CC226851891E47AD56F8B6F910
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: FDCEEC56815B72C621FAC18CB9B2E4FB
Requests: 2 HTTP requests in this frame

Frame: https://s8t.teads.tv/vpaid-builder/performance-single-video?1232
Frame ID: 0F9A6412663F0FAD3A4EA960D9BB7AB1
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: C5573C4FA4C06BB457F63CD2750D56F5
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 25F3777959B477A13ECECE2E3B4A1E69
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 24663D1CF3243447A7F8875B1E88E7B3
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F21B2F7F978E9DF1B4BAD0EB1D0BE6C
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: C39CB0F7A79FB8B81A876A895824E534
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C1602B503C6D1AF14FE760CDE0D9BCB8
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 5243F39C1777C25CDA1D0CDCB7BE97F8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 449412B6365F606AA889CE07A0AF367F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A6374AF9BF1789863C2B3EFC4B0A7FB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8059FF622E6B9801614FBAD640E21F5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67DCED078F27807A9BB34D4C73617E8A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 253264EFD4BA785C8C973D52266F05C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10D70C6AF0F5FCD50032B48D5F95DC64
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 20217573F95CF88F7E5020A3C7C90F77
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: D0C8675BB8C9AAFAE56D6A120AEA6563
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7D7CDE99839E1081C915236A785AB335
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 101542CBF447D0E6848D30C773ABFEA2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C4BD8F36282A1098BD0095392C9E0B55
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694435653886
Frame ID: 891294BB4787F6B2BEC39C938E420ECF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8EA8A57AA4DA945897B03C6DF8FB6C3B
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: B3992E7248BCCBA214F0D141A2A6799A
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: C28C3A348A7951B1AF9BA7E391322B18
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 086506DC44633CEBC1B5E53BEEEB1A80
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: DA367B38FDF8987EC977F63467C9B875
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 065251883973C50A649DD3548ADCCEF5
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CB7D5BA889F3C63E3E36C20B7BBA75B6
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: BF073CDCC819E318C40F21D013DC820F
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 030CCD2AF8376DFED5EF6C3179D604A4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 333F45FBB3389137D2998FDA2D2F8463
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: EAFE9A56B6E43101953BDCEF5AEF3736
Requests: 20 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 47E94EC0D952F3867DC09BC05D43349D
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 26891ECC8BEAF4C4277E22D99DE15AC9
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 5B616100007375BB32AE8F1A38D800C9
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: DF7C57D0DF1BFB5438D10E26A9D61DD5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 49CDCECE944D25159A3D1C17C313A2BB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZP8JSgAPdnzS7QAN&gdpr=0&gdpr_consent=&_test=ZP8JSgAPdnzS7QAN
Frame ID: 085A0503EB8EA9EF18E28E109F7520E0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZjAzNWMxMC1lNjNiLTRhZmQtOGQ3MS03YzcxMGQyODNkNDQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 8D9CC6F318F62A194E4287B9998535D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9AB5E85206145FBD6929FA56F42E1C60
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: F2A8F48DFBB0233AD8C36E36C14CD70E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZP8JSsCo5tAAALhaufgAAAAA
Frame ID: E39660C1C397C9277CCB33807D6263B9
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_2f035c10-e63b-4afd-8d71-7c710d283d44&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 6F80FF3B79C4FA8F13CEF7F42284E88F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=osix3W7DkZuBqGTUiPiu&pi=gumgum&tc=1
Frame ID: 5F240D0FE8D288AE68CB7CC74D987F69
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 1A7012E20E09EC7A12E7982C6EDD30BB
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 7E7F987F9BC8538F909E3BF86F2C3383
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_ps=
Frame ID: FD0B07E9F8971A886D7FB808430487FA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
Frame ID: C144E398C3FD1B44F54728475387942E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 3DB54FC320B658FE224F9773F0CAD311
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&redir=true&gdpr=0&gdpr_consent=
Frame ID: CC21763C03587F9C61C97AED5E9BF4F3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN
Frame ID: D3C13BBB0D46FAA294D04D97CF6C8700
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Frame ID: D67D86E7D37DFBE96220D3C1DC1925D2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/08ac9396-bbfc-52fe-9732-98e0f3cd91ab
Frame ID: 8FCCF1528BF49B12C49468AB945684B6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Frame ID: 5F7F3EC8CF85C66DD3C1C272C2799CB0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3967674464741924942
Frame ID: A0FA92F2FF71B4E4AADFA254061EE1CB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/752eecf13974878c386c923ba072665d?gdpr_consent=&gdpr=0
Frame ID: 693901F23C01BA297D32D88B5D8607D9
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: D6C29FB7A5974A96C94ABD442767C73D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Frame ID: 321560AF16D35F8A76ECD638A65CB67E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
Frame ID: F4D31CCA3AD350FD0F2AED9455D01D7F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5233787502523251788&gdpr=0&gdpr_consent=
Frame ID: 6DFC58A462103824585CA4B89704A3B6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Frame ID: 72A95302E5B2EAB9EF0C6C6CD6F238B8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277545749176252559&gdpr=0&gdpr_consent=
Frame ID: D8A60F666B25A0C36E52922FBE5DE2D9
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 53FCD8F2B885306CA0C7743D8EA56648
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 7514B437B8EC1F4406A1F2630BC1F6C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 3DEC5CCD15E1FBF108C29E12EC69DCE7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEFjU7J_hMAACWcZkVqLg&gdpr=0&gdpr_consent=
Frame ID: 9B4EA79D9F8DE6EFC25E181968BA7F5B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU75d3fb94fc184e0e8f41c19f04ab1166
Frame ID: 369E9DEA849553A81F01DCB2074A6C05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
Frame ID: 9ED170CE88538617D359927BC47C58D8
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Frame ID: C9C1C313098797073B46AB3538EE4E50
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526324084040
Frame ID: 0AAAF3461FD40125334E2828443DD010
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: A8CFDF54E3599EE9993AF3713E215F7B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=557907400668329831
Frame ID: 67A56D8A3B75C9CC9CE064E5674DC979
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4BAADAC56A89F9B44C5A26B38DCC79E7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznjRWRXUVnnMSTMQj&gdpr=0&gdpr_consent=
Frame ID: 3EB20BD99B95843C7C520342AC58734D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=o28wl4nm9rjs
Frame ID: E44DDF8B097C430649DC04CBE40B918C
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 42373FFD6DAB7D9776A5A6CEB9C9B876
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A9BDFD06D185E5444A556C805F176638
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:50BD6F1CB66849598C0773C882236912&gdpr=0&gdpr_consent=
Frame ID: 891BE2FE6D289B0C6F07EFD01AB7A8E7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Frame ID: 9CD9B0151937DD5CB3DEBDDB675A12C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2613695223671390398&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3921&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=4007446&ga_hid=1819538051&dt=1694435654264&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&bdt=1660&dtd=53&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 3CAF1416CA364AAEF9D93D4AEDA690D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

血癌夫病逝 妻控訴醫師要退休逼轉診 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

628
Requests

81 %
HTTPS

28 %
IPv6

119
Domains

203
Subdomains

129
IPs

17
Countries

7535 kB
Transfer

21415 kB
Size

188
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 161
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D750e6d7a-a347-4c62-ad15-f9ef4ad23f9b%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&p_id=23
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&p_id=15
Request Chain 191
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 192
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a8e44f0a-5198-33c7-8fd9-6f3707dae864?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
Request Chain 194
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 202
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHY9yg0wrfvPMAX3W8zK80Y&google_cver=1&google_push=AXcoOmS8mdEwZiJfbl0MCqbSYy_YIkyiQsoiqXiOzzsHv4FHJGWiAthZwEJvFZVvSIQZ4gIHrT-cIAe-PB5-aUL1yrlwWeXs_hyk HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3da238ca6ca4195a&is_secure=true&networkId=14000&version=1&google_gid=CAESEHY9yg0wrfvPMAX3W8zK80Y&google_cver=1&google_push=AXcoOmS8mdEwZiJfbl0MCqbSYy_YIkyiQsoiqXiOzzsHv4FHJGWiAthZwEJvFZVvSIQZ4gIHrT-cIAe-PB5-aUL1yrlwWeXs_hyk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH8ONuibQ9YgMHpG_MAAAAAAA&expiration=1694522054&google_cver=1&is_secure=true&google_gid=CAESEHY9yg0wrfvPMAX3W8zK80Y&google_push=AXcoOmS8mdEwZiJfbl0MCqbSYy_YIkyiQsoiqXiOzzsHv4FHJGWiAthZwEJvFZVvSIQZ4gIHrT-cIAe-PB5-aUL1yrlwWeXs_hyk
Request Chain 203
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDTpsAWRCAB7G1I8MP3dGI4&google_cver=1&google_push=AXcoOmSVaPHpI7QdkCtHhyqxDIAGiQxLLX-rWXZELrla1E3TPXATKzatS5QrbbkYDHt4rCGOaYOQSRKbTDyI8j_4GGqFQrnKI5Xo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSVaPHpI7QdkCtHhyqxDIAGiQxLLX-rWXZELrla1E3TPXATKzatS5QrbbkYDHt4rCGOaYOQSRKbTDyI8j_4GGqFQrnKI5Xo&google_hm=eS1EQ1hicXNSRTJwRW5tc2t3c2VybEh0eEpHSXpCallpNX5B
Request Chain 204
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2Xb18kuREg1E-2vraRTLAfpKw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2Xb18kuREg1E-2vraRTLAfpKw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2Xb18kuREg1E-2vraRTLAfpKw
Request Chain 205
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTn_K7-evu5o_bckN--cfGp8p7kh0NWo_1yKN9JyWI54L9zprU6h1NfyOEuh5UzLzGYHMKAZiwS4mtZVYPxH8fjbjp0Zm8%26google_hm%3D%5BUID%5D&google_gid=CAESENnrjGAU_Puu7tXxctcH0gI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTn_K7-evu5o_bckN--cfGp8p7kh0NWo_1yKN9JyWI54L9zprU6h1NfyOEuh5UzLzGYHMKAZiwS4mtZVYPxH8fjbjp0Zm8&google_hm=cca87155-71f9-4bc6-8f6f-05bf8e7a8467
Request Chain 206
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHbeeH4I0P5g_3_93V4L4E4&google_cver=1&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiNcTS3TFZC6AZ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHbeeH4I0P5g_3_93V4L4E4&google_cver=1&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiNcTS3TFZC6AZ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiNcTS3TFZC6AZ&google_hm=HTaSDGZHE4wnbW0ERWeKz3eo
Request Chain 207
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGm4igMM_aEZ0mEhKcU3nEM&google_cver=1&google_push=AXcoOmSUHdMMjqJpkuCjeY0UgOtVKorA5Eb9XfiXAQgnEaoXGUMKGnXSIO7sH4Xoxj0SaeUvkvVVoFr-iglr5F3jz5k_Ef8MmzA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSUHdMMjqJpkuCjeY0UgOtVKorA5Eb9XfiXAQgnEaoXGUMKGnXSIO7sH4Xoxj0SaeUvkvVVoFr-iglr5F3jz5k_Ef8MmzA&google_hm=M1JGbVZlZWtreGVfWmVDc3lmXzA=
Request Chain 213
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 215
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMEV8M4R-1U-JSRL HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMEV8M4R-1U-JSRL HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a8e44f0a-5198-33c7-8fd9-6f3707dae864?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
Request Chain 229
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1FVjhNNFItMVUtSlNSTA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIX4XDtDetZCSL2sZ7cKJ9k&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1FVjhNNFItMVUtSlNSTA==&google_push=
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vq-3hYfEB_Q_gH3wR6A79cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lOdPysZE2oIAGr9xkALf2UURHUY3pY9n3HwN_g--~A
Request Chain 231
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rvCaxdi7TOOikFuYEEfcJw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvCaxdi7TOOikFuYEEfcJw
Request Chain 232
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMEV8M4R-1U-JSRL
Request Chain 233
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FeVniFgETx6mMjgRadgu8Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FeVniFgETx6mMjgRadgu8Q
Request Chain 234
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOTlhYTNmYmJhZTc3N2Q2YjNlZWM3YzQwYjQxNTA0YmU1Y2YyMA
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMVL2kxFsCz9xx7YoIH7pFQ&google_cver=1
Request Chain 317
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1694435655792 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhMTY5NGUtMzdjYS00ZGUwLWI1YTEtNmQzMGM2NDUzMjRl
Request Chain 319
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1694435655792 HTTP 302
  • https://sync.teads.tv/um?fp=1&eid=80&uid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
Request Chain 320
  • https://pr-bh.ybp.yahoo.com/sync/teads/dda1694e-37ca-4de0-b5a1-6d30c645324e?gdpr=0&gdpr_consent=&_t=1694435655792 HTTP 302
  • https://sync.teads.tv/um?eid=132&uid=y-_lNNhCtE2oSG4ybdf7viNSTPZVRHSb5L5FI-~A
Request Chain 326
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&_t=1694435655792 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000024&uuid=dda1694e-37ca-4de0-b5a1-6d30c645324e
Request Chain 327
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1694435655792 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGRhMTY5NGUtMzdjYS00ZGUwLWI1YTEtNmQzMGM2NDUzMjRl HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Request Chain 355
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu_htRwn_ZOLUDbGJ1PIPipOemASz8rngcY-LuYTZEciLhZ4LEAEguoTAM2D1lc6B4ASgAajh7KIDyAEJqQJJ9CHsiNmyPuACAKgDAcgDSKoE3QJP0KNI-82jEdN1aKagxd8hoRfytPd2q1j7Wj0yVzwK0H1Yaa8W8WNAY7-71gyvmOtKwkW87me1odXJHqemFqJgFBBBnU3obUZAlaZmgZZqA6ZKhlZYdH_TwTI551sic9Kx0u5GD8tr4d2IYszcOD1kBX3-c910__YWmhyjAg4miBMLSrET6Wwly6HebQpUZEDWC-7A4Vi6mo4ySZIom51_qeL9czOv0vMLYX8wXMZ1SUrkewWaTQfA-DNDdBthhH0pRpnecA1omF5waOQcZTIKbdRNd3sUQE1LlGGO9sgQ9tzhqUlObittTyfjjzORBMve-3lT7U_YiUgvN40WOBq2x4Mgh2Mt92WsFF16zTOl-UeFm26Q8u6ehMBsIo8G_tB_IPTxIfRCRuE1u22iMZe57PaJ84rpbFXgmJKJR_kOjYkQyRaVPa5Mpj4lIeMNAcxX3dpgipNUuDqXOYeswASrsdn1qwTgBAGIBdyuw9JKkgUECAQYAZIFBAgFGASgBi6AB8Cek12oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDa3RbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJLWh0dHBzOi8vd3d3LmlsbWFjLmNoL2VuL2Jhc2VsL3Zpc2l0L2NhbXBhaWduL4AKA8gLAdoMEQoLEKCfxZT8sLDltgESAgED2BMK0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=KdC6N-viG2Q&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW3aVz6k-DOUADUxcKtWGHLUfdSPKG5RSdDuzhXoYp8blOuuPcyMYuzjzmqVY9jcnZ9yU9rcE7GAE&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4f42bc62f6c7a0780000000000000000%22,%222%22:%220xe074b6e847d661b60000000000000000%22,%223%22:%220x77d792cd05be6fd50000000000000000%22,%224%22:%220xec09973066c779700000000000000000%22,%225%22:%220xd363a04b26b7c0220000000000000000%22},%22debug_key%22:%229155305784230816682%22,%22debug_reporting%22:true,%22destination%22:%22https://ilmac.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22878391464%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221187606285425782721%22}&andc=true
Request Chain 368
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmQ6nzGL-beta5H3YfjpUaXJhV4s5vKw3VcBoEcoqSN4gS7jnJOWCszziJQf56GR1WOj9evDcWvKsWv1sAhGimknWpLRbBbQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmQ6nzGL-beta5H3YfjpUaXJhV4s5vKw3VcBoEcoqSN4gS7jnJOWCszziJQf56GR1WOj9evDcWvKsWv1sAhGimknWpLRbBbQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmQ6nzGL-beta5H3YfjpUaXJhV4s5vKw3VcBoEcoqSN4gS7jnJOWCszziJQf56GR1WOj9evDcWvKsWv1sAhGimknWpLRbBbQ
Request Chain 369
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 370
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELuMQOabAOMo4tMFZVdAY5E&google_cver=1&google_push=AXcoOmRW2U0Me8V4xioJZ8YN945D2BjKGB4c9JJEAvZoBhzp0dmmY8U7qxX7jM7cwciU2ylpGIzerniAJByCEGiZZsB4KUdG5Neg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
Request Chain 371
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmTAsM2l_wJFPnOHHE-EcidtK6GF3IZJU5dGEjNRtzjmCNpXZQE8evWh2q4kbfPOXojkR0QlvXf1Cx_ow6_8Hla9sjTzI54 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmTAsM2l_wJFPnOHHE-EcidtK6GF3IZJU5dGEjNRtzjmCNpXZQE8evWh2q4kbfPOXojkR0QlvXf1Cx_ow6_8Hla9sjTzI54
Request Chain 372
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPx65T5jvdeR08WW4YRIoc8&google_cver=1&google_push=AXcoOmRr0SbHW5o-GLkyq0opAooVTEGhiItmQkwIOBPzh-H6_U1pjGeUVtLZ07tUnNuYxOLhl8qK4tPqx8pKlVsgD5XxjwqIol0W HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRr0SbHW5o-GLkyq0opAooVTEGhiItmQkwIOBPzh-H6_U1pjGeUVtLZ07tUnNuYxOLhl8qK4tPqx8pKlVsgD5XxjwqIol0W&google_hm=NjAyODU0MjM5MDY3NjQyNzM5Ng%3D%3D
Request Chain 385
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmS0CxfPUMK1LkfTM3tTENjhmW6uz7d4O2E_ntGBeEKtqrYsvnSAdBp6hDAivcLcPiHQntcqd-VdtAB7KGao2-VTAcqRj56o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmS0CxfPUMK1LkfTM3tTENjhmW6uz7d4O2E_ntGBeEKtqrYsvnSAdBp6hDAivcLcPiHQntcqd-VdtAB7KGao2-VTAcqRj56o
Request Chain 386
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 387
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELuMQOabAOMo4tMFZVdAY5E&google_cver=1&google_push=AXcoOmQDqEkwXyI98yhpz9Wm1K9RVSUyLUI1bAQ5BRjsnTRNVw6WfAsvyDEXYynXXi3QZqLKDULObZfBgTLyQ3Yc5exvc_hIr0kr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
Request Chain 388
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmRAD50EoWYSkN9ifKGsPBSK5QQUgvMzWjdB7lK9-lIizKIQLagbOCaPSbLAmDFvAs8XxwwakINVCWA7Jl75tkvnfelG2PM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmRAD50EoWYSkN9ifKGsPBSK5QQUgvMzWjdB7lK9-lIizKIQLagbOCaPSbLAmDFvAs8XxwwakINVCWA7Jl75tkvnfelG2PM
Request Chain 389
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPx65T5jvdeR08WW4YRIoc8&google_cver=1&google_push=AXcoOmRyvgrqbBehiMJjYhauFSvcAjBymiAM4G1dwc9MFg9GrOdRTEk4YaR9SZqkZhDeRWFTc7ZW_WGSDCBoLl29Ws3073jk3_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRyvgrqbBehiMJjYhauFSvcAjBymiAM4G1dwc9MFg9GrOdRTEk4YaR9SZqkZhDeRWFTc7ZW_WGSDCBoLl29Ws3073jk3_A&google_hm=NjYyNjIxNjkyMjc1NzY2NTI4OA%3D%3D
Request Chain 432
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=u7FaLXxBNXFiVnU2Sk5SU1l5cmhtVFRzbzVwQnVZUVk4enp5bm4wdnZtVGlYL2RobEdUOTRJYmI2UVlTVW9ZaXY1L3M5U2ZtTWlzSUN4cmNrRC9GUGFhcHZjdE16bUxkRUJBdjM1OWZWcG1jQ0Y4RlhsMkNGdFZ2MCtlcEJ2Y3RhaExDcTlFQVhUR25mNzAvekpBWEJaUHFlaHQ1d0JTNDJ5MVI4SmxFUFd5cUE2clN4a20wVkE0d2phZ1grU0FHZlhFaVJZWDBIMjAvc2hGYlpuMUt2L3JVYkZneXlUb0ZmNUQzcUYvQ3NLWTVpN0l1aUs5d2dEcnducUpUcng1WEtMWm1qUXhSYXhtWnZiQ2JsRVlnNzVYejdrUT09fA&cppv=2
Request Chain 461
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 472
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 477
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 482
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5233787502523251788
Request Chain 483
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HTaSDGZHE4wnbW0ERWeKz3eo
Request Chain 485
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694435657890 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5741112020 HTTP 302
  • https://sync.1rx.io/usersync/turn/9001601252464162412?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-ec50676d-f298-4393-981b-4891db2fa7c3-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
Request Chain 486
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5144588526324084040
Request Chain 487
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=cca87155-71f9-4bc6-8f6f-05bf8e7a8467
Request Chain 488
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 489
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
Request Chain 490
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgYMOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgYMOAE=&buyeruid= HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgYMOAI=
Request Chain 491
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
Request Chain 493
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 494
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=99d34ffe-6936-4f50-a951-df488c2b5870
Request Chain 495
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-o_be_yCiSvhiY4q_d2QKfiOiyvhiYop_Nnn0ZtY
Request Chain 496
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3967674464741924942
Request Chain 500
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRIZaCqLPdQtSz5K2Rz_8k&google_cver=1
Request Chain 502
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
Request Chain 503
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3d10188f64
Request Chain 504
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=313c806812dd1064840e01e9d6644e4a&gdpr=0&gdpr_consent=0
Request Chain 505
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6626216922757665288&gdpr=0&gdpr_consent=
Request Chain 507
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZP8JSb9F2Gk.yDTXMxwhQgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHOG7cbi4_L_gjVuRxytQ1k&google_cver=1&google_hm=2
Request Chain 510
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO99dCffnNgVpY9Vf59-O9s&google_cver=1
Request Chain 513
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=UrYrzlS7eZ5JsH6fVeRgnFC3e55JsHqcVOCbkid-
Request Chain 516
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5233787502523251788
Request Chain 518
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
Request Chain 519
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP8JSgAPe-ChpQA_
Request Chain 520
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5233787502523251788
Request Chain 521
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=462b9ba9-e327-4b9c-a6e7-95abbc192185
Request Chain 528
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5233787502523251788
Request Chain 529
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2f035c10-e63b-4afd-8d71-7c710d283d44&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=d377ac1b-129f-4658-9447-feed8008c559&ssp=gumgum2&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 530
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%280tVQ3cWzgwyb0-pJskFXOB98T00kAhc-LjsF7Bq8Hr5SkkjKJHj8-EStnsw-IBo3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%280tVQ3cWzgwyb0-pJskFXOB98T00kAhc-LjsF7Bq8Hr5SkkjKJHj8-EStnsw-IBo3%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2f035c10-e63b-4afd-8d71-7c710d283d44&obuid=ENC(0tVQ3cWzgwyb0-pJskFXOB98T00kAhc-LjsF7Bq8Hr5SkkjKJHj8-EStnsw-IBo3)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 531
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e73b47f2-8780-07ea-0df5-f8cc2a869b00
Request Chain 532
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Request Chain 533
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-g6s9gBRE2pfc0S0FHHpYi5ij41C7LHIyRpXU~A
Request Chain 534
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=d6b8d5df-b882-4872-9d92-f42e34d0c7a3
Request Chain 536
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2f035c10-e63b-4afd-8d71-7c710d283d44&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Vu556JS18JTqeIP0j08S&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTVGU2TMSSTGE4EUVDRMVEVAMDKGA4FGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTVGU2TMSSTGE4EUVDRMVEVAMDKGA4FGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Vu556JS18JTqeIP0j08S&us_privacy=1---
Request Chain 537
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=bfa793fe-5bd6-4e4a-aead-b2202346f7a4
Request Chain 538
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=pAbGTa6N6sPG&ev=1&pid=558355
Request Chain 539
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=6626216922757665288
Request Chain 542
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZP8JSgAPdnzS7QAN HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZP8JSgAPdnzS7QAN&gdpr=0&gdpr_consent=&_test=ZP8JSgAPdnzS7QAN
Request Chain 546
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZP8JSsCo5tAAALhaufgAAAAA
Request Chain 548
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=osix3W7DkZuBqGTUiPiu&pi=gumgum&tc=1
Request Chain 549
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 550
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMEV8M4R-1U-JSRL HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LMEV8M4R-1U-JSRL
Request Chain 552
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Request Chain 554
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=742876909853207093297&ismms2s=1
Request Chain 555
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjKkvynBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEIaRpgxQnxHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJDQxZDI2MTVjLTQyMDQtNDlkMC04N2Y1LWY0Y2QzZDBlM2FjNA** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=8691a60c-509f-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&ismms2s=1
Request Chain 556
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D%26ismms2s%3D1 HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=313c806812dd1064840e01e9d6644e4a&ismms2s=1
Request Chain 557
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP8JSb9F2Gk.yDTXMxwhQgAA%265258
Request Chain 558
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1895f0186-d007-00e8-1216-f1d6a2d510a3
Request Chain 560
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=0d572816-e041-450a-93cc-1zz1694435647 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-14BU6dnQOJKoo5BPBPlyS6wVxs1KvYOkTqdA9w&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_ps=
Request Chain 566
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=550956088 HTTP 302
  • https://sync.1rx.io/usersync/turn/3021665372246275692?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-ec50676d-f298-4393-981b-4891db2fa7c3-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
Request Chain 567
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 569
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN
Request Chain 571
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U7wMi2yeQraPO9_e36IMsQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 572
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=&ct=y
Request Chain 573
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1302039167
Request Chain 574
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTVhREdIYTYwZklSb3FFb3lKUDl0ZzZ6UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3967674464741924942&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 575
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTNCQzBDOEItNkM5RS00MkI2LThGM0ItREZERURGQTIwQ0Ix&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 576
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPFEg4qjtijcgqOLcA3tS8g&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=631515c94a0a16e5&is_secure=true&networkId=17100&version=1&nuid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIIkVofGBZvwM8yb47AAAAAAA&expiration=1694522058&nuid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3021665372246275692&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c77113ac-87f2-409b-8e20-bd9869d8554d-64ff094a-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 578
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3967674464741924942
Request Chain 581
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UYF4sf9E2uVUNTMOtAdWGjtdG.o7sOA-~A&gdpr=0
Request Chain 582
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=577376535648684461 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/08ac9396-bbfc-52fe-9732-98e0f3cd91ab
Request Chain 583
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMEV8M4R-1U-JSRL HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LMEV8M4R-1U-JSRL
Request Chain 584
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Request Chain 585
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Request Chain 587
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=8cf949d9eb42688341a39649a18acb0&gdpr_consent=&gdpr=0
Request Chain 589
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3967674464741924942
Request Chain 590
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/752eecf13974878c386c923ba072665d?gdpr_consent=&gdpr=0
Request Chain 592
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Request Chain 602
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5233787502523251788&gdpr=0&gdpr_consent=
Request Chain 603
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Request Chain 604
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277545749176252559&gdpr=0&gdpr_consent=
Request Chain 607
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 608
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRmpVN0pfaE1BQUNXY1prVnFMZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEFjU7J_hMAACWcZkVqLg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEFjU7J_hMAACWcZkVqLg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEFjU7J_hMAACWcZkVqLg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6626216922757665288&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEFjU7J_hMAACWcZkVqLg&gdpr=0&gdpr_consent=
Request Chain 609
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU75d3fb94fc184e0e8f41c19f04ab1166
Request Chain 610
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
Request Chain 613
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 614
  • https://pixel.onaudience.com/?partner=214&mapped=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ec949265eef87fdc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=62de7bc1-0a00-4bcd-419e-a899a2e0b775&reqId=4440f7a6-0c07-4a58-5e92-4654027c71e7&zcluid=ec949265eef87fdc&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAqV2I73ouwVfisZnt7Xe5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=62de7bc1-0a00-4bcd-419e-a899a2e0b775&reqId=4440f7a6-0c07-4a58-5e92-4654027c71e7&zcluid=ec949265eef87fdc&zdid=1332
Request Chain 617
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526324084040
Request Chain 619
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=557907400668329831
Request Chain 621
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ec949265eef87fdc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznjRWRXUVnnMSTMQj%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a689fc08d5b338ae9beabc1d75779a03&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DkODCF8PznjRWRXUVnnMSTMQj%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznjRWRXUVnnMSTMQj&gdpr=0&gdpr_consent=
Request Chain 622
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=o28wl4nm9rjs
Request Chain 625
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:50BD6F1CB66849598C0773C882236912&gdpr=0&gdpr_consent=
Request Chain 627
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5233787502523251788

628 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
www.bg3.co/a/ 		53 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f549f5c3d5b80e94a9d2c447050f666dca0211f5f793db60f35984194cc1b8e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 12:34:12 GMT
etag
"d21b-IK54k07XmjxXyq/RoTiL6RfbASI"
expires
Mon, 11 Sep 2023 12:35:12 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 12:34:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72941
x-xss-protection
0
server
sffe
etag
"1fd4dd9eff57c430"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Sep 2023 12:34:12 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 12:34:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9642
x-xss-protection
0
server
sffe
etag
"02dd63e520ffd2e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Sep 2023 12:34:12 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 12:34:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"7e5f99ff05e5cd4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Sep 2023 12:34:12 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
133faba4c8e39ef75f5ddb4ad69bad8fdeb17f194b37864c26fbdd37adfcd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29272
x-xss-protection
0
server
cafe
etag
708 / 19611 / 31077596 / config-hash: 173420558501686155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:12 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 16:30:31 GMT
server
cloudflare
age
37073
etag
W/"64fb4c27-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
804ff18d6b071e4e-FRA
expires
Mon, 11 Sep 2023 14:16:19 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8475
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylU2OUMkphWok47Vepc%2BRnAyUBAw%2FQP2r4Fc9Fkr287rqKg0r40qxVy%2FfaRMiD9JyQ%2BmwQ27rp58WfV0cRLy0aPDiiYDI0NtDBRLD8LFycNPTA5UL%2FcMVcCgOsIKoFnY3TDjubsi4ZWVlfx%2FyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
804ff190f99b5b2c-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
5accc9a22df4c88cdf9020ba6f9337abd3cd788cdb0f30c29ebb27877e9712d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Mon, 11 Sep 2023 12:34:12 GMT
content-encoding
gzip
age
19856
x-cache
HIT
x-client-device
desktop
content-length
10581
x-ap-device
MOBILE
last-modified
Mon, 11 Sep 2023 07:00:39 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
KG
expires
Mon, 11 Sep 2023 13:34:12 GMT
adpushup.js
cdn.adpushup.com/42753/ 		662 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5b118e1496dca781d14a6f7e0dee34cc5cdb3d5b78f26d77b54089da8dbe7a1c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Mon, 11 Sep 2023 12:34:12 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Fri, 08 Sep 2023 14:04:50 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1694435652720_34831774_514003784_726_1216_29_63_146";dur=1
content-length
142572
expires
Mon, 11 Sep 2023 13:34:12 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		524 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3aca8af72189114056225945936badf3dcc8c9d0752f5111170529cdd801c84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JtUQH8kQ8JPVuFC99uZIqvMjt2F0gFvU
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:12 GMT
x-amz-request-id
FC7E6PCNG52SWXWE
age
152
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
18
x-amz-replication-status
FAILED
content-length
55096
x-amz-id-2
IXFpkzEntYB3HoHYRKEPVCPkTDRMxRkFkh3Ufdd24MSgQuQiAiRgjLYp0ONR+rKmuABYtnrBIUg=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Mon, 11 Sep 2023 12:31:40 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435653.694461,VS0,VE1
etag
"ff1945910570a19bf3ea613f5d3af99b057cda51"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
30
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
t.php
c.statcounter.com/ 		192 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=ECD9D7C3DC214F0AD63A802E6007B2B4&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&t=%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E3%80%80%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1595&sc_rum_e_e=1612&sc_rum_f_s=0&sc_rum_f_e=1591&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
804ff18debaa1e4e-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20230910-15-RELEASE.js
cdn.taboola.com/libtrc/ 		805 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c422945f8889365957851e4719699bfcaf357d50e3091beddc0819f76100ae9c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1Zpt0M8ls0eVsg0Y8R71y3TgUSj4Ng3X
content-encoding
br
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:12 GMT
x-amz-request-id
J179SEGARMJRDRBY
age
23015
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170321
x-amz-id-2
JFXjxHNyztH4OlrUY54ukrqRBBLbnuqYhb8tuN3Ei9L9nFUHNxWpeN/LujV7AWonQSvUZj44kQg=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:00:09 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435653.831887,VS0,VE0
etag
"ce240666ac5977bf5b6c7a243ef9b67f"
vary
Accept-Encoding
content-type
application/javascript
abp
60
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
80313
d0d50f2eef588c4b9a433f26592537f2.jpg
static.bg3.co/imgs/202105/ 		0
0
1add04a6fe476698cd73325251b15f1e.jpg
static.bg3.co/imgs/202105/ 		0
0
f69c8bfe947b1bc3984872f5c92016b7.jpg
static.bg3.co/imgs/202107/ 		0
0
2a7161d2f157c7a8ec00d078b00b1d89.jpg
static.bg3.co/imgs/202105/ 		0
0
0536e31da02df323003e02f68b69bfe7.jpg
static.bg3.co/imgs/202105/ 		0
0
d78d08ed78dfb3d8bc7ee7433bb5fa9d.jpg
static.bg3.co/imgs/202105/ 		0
0
8394544561144e0503acd2d50a4b0931.jpg
static.bg3.co/imgs/202105/ 		0
0
88f470df1c544a47fa7d12d30ab7d883.jpg
static.bg3.co/imgs/202105/ 		0
0
4a314cb55d2d5974176462a38409bb28.jpg
static.bg3.co/imgs/202105/ 		0
0
12d9663745c4581d70256aaabb2268e6.jpg
static.bg3.co/imgs/202109/ 		0
0
2220e2c3ede1d25530f042fd31a6f726.jpg
static.bg3.co/imgs/202105/ 		0
0
21b2dd4831e86c96fdc3bd9e72b962b4.jpg
static.bg3.co/imgs/202105/ 		0
0
9a7d61c717966dc5601e5d5e77d53693.jpg
static.bg3.co/imgs/202105/ 		0
0
5931caa0994aae64008d8f18ad864d71.jpg
static.bg3.co/imgs/202309/ 		0
0
7937c34a45aa6905c07e45a6c1d917ac.jpg
static.bg3.co/imgs/202105/ 		0
0
4b8828759f8f622bd604225092ff65d4.jpg
static.bg3.co/imgs/202105/ 		0
0
ef5ab6562b0a05e563f9c64dc511050a.jpg
static.bg3.co/imgs/202106/ 		0
0
8025df046afa88b34db69816e27377e0.jpg
static.bg3.co/imgs/202105/ 		0
0
b6a233fb1069223c040fd5946ca18bf3.jpg
static.bg3.co/imgs/202105/ 		0
0
ec7df35cbdd3110c95d48e18cc80a375.jpg
static.bg3.co/imgs/202106/ 		0
0
aff4ed067fc9d4a6b0c925b4148644ff.jpg
static.bg3.co/imgs/202105/ 		0
0
535ee60ad8d855408997af3c7ee3b89c.jpg
static.bg3.co/imgs/202106/ 		0
0
5e6c68a457e7945f6603ac5ebb31381c.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Sep 2023 08:32:09 GMT
age
187323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2968
x-xss-protection
0
server
sffe
etag
"20a8808a3fce3085"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Sep 2024 08:32:09 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
499652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23124
x-xss-protection
0
server
sffe
etag
"91fba5c7cd59114d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
880 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fc5f6350a6f92431733fff87bca2fdf3bc2edd81df186f361fb37716f141a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
532
x-xss-protection
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1694435653.dop241.fr8.t,1694435653.cds241.fr8.hn,1694435653.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
499652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3948
x-xss-protection
0
server
sffe
etag
"a02df160e36bd176"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/ 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d592777a6d54b69a8e48ad9ef2b7abeb4c3fec5e8d88935956423d3dc8f069b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 08:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
13813
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
5804524590501581973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Sep 2024 08:43:59 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1694435653.dop241.fr8.t,1694435653.cds241.fr8.hn,1694435653.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
251843
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=14%3A34%3A13.034&lti=deflated&data=%7B%22id%22%3A884%2C%22ii%22%3A%22%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694356120872%2C%22vi%22%3A1694435653030%2C%22cv%22%3A%2220230910-15-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html%22%2C%22vpi%22%3A%22%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3378%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1330%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f623fbcd025dc4b793b7c0a9d7fd86376ce1dcca6c74a57e334829fa0405fe6

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
246
date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.5625
x-fastly-to-nlb-rtt
59227
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230134-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694435653.140893,VS0,VE246
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk-metrics
trc-events.taboola.com/palmate-bg3co/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2213891146708900&correlator=113208212905796&eid=31077771%2C31077596%2C31077232%2C31076771&output=ldjh&gdfp_req=1&vrg=202308240102&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694435653181&lmt=1694428453&adxs=220&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&vis=1&psz=760x0&msz=760x0&fws=4&ohw=1600&ga_vid=1931317642.1694435653&ga_sid=1694435653&ga_hid=1819538051&ga_fc=false&dlt=1694435652604&idt=519&adks=3605545259&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
933904306040097fbbd5d463503bf2b932cbfe5bf93f873c1ddf77681517045f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13502
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3BC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:13 GMT
expires
Tue, 10 Sep 2024 12:34:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
499653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10339
x-xss-protection
0
server
sffe
etag
"6b0a8d436e5c7ad3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
499653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57751
x-xss-protection
0
server
sffe
etag
"df3f5bf96724b1a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
block.jpg
delivery.adrecover.com/ 		631 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1694435653229
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 10 Sep 2024 12:34:13 GMT
date
Mon, 11 Sep 2023 12:34:13 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
2165329
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1694435653283_34831774_514006098_765_910_30_70_146";dur=1
content-length
122286
expires
Tue, 10 Sep 2024 12:34:13 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694435653355_34831774_514006102_31_819_30_0_146";dur=1
content-length
211
expires
Tue, 10 Sep 2024 12:34:13 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1694435653355_34831774_514006101_694_1122_30_0_146";dur=1
content-length
18371
expires
Mon, 11 Sep 2023 13:34:13 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQ0MzU2NTMyODMsInBhY2tldElkIjoiMDAwMEE3MDEtZmJkYmE3MWQtMzViMy00Yzc3LWFiNWEtYjQ0MzFjMDQyNzljIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpZS15YW4tZnUtYmluZy1zaGktcWkta29uZy1zdS15aS1zaGkteWFvLXR1aS14aXUtYmktemh1YW4temhlbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=2135
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2D55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZd_KNF25ja7GrAzCaXPa61-1lyWviHoCiFMVvm14t0OXaPxWrYiXy-dxrYSC-C-AYiSqj3cxrqtSZdFsP4alnypCgHrpk9nSo-a3keraqewTei99ebnTq_ksZn_e_5iYUpjipMXW5lNhoHpJITseWLwfXG5f4kos7tnTLP9b2LPi3HzXN1BH1LZ-nNB3XoqNnH8BjDhFsu-kG9eZXif3Q5uGHj6n-0pvJb3xVc12CENruwniO-l7CXL_HqMRmQxDweQl_AHCG5pkE7h12SKgiPlpC3kZL4T8NPOjLyn_duqRHMnG1HPOWti7UeVeaaqq67w&sai=AMfl-YR9DLzopXI0IMXr3-Df7SYfwJ8G3meku_NDHT0AHlRzWRtH0Y_aXl7O_qJ0gQzYB9Wm4xjMTyVmDLRSTyOatRZunIsyB7BffmJ5PHyr92_qUha90SbXoG4x-bJ-ZL7B273pILviFOOgByQGPqQ&sig=Cg0ArKJSzEuJQap0MQouEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 11 Sep 2023 12:34:13 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D55 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:13 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQ0MzU2NTM0MTgsInBhY2tldElkIjoiMDAwMEE3MDEtZmJkYmE3MWQtMzViMy00Yzc3LWFiNWEtYjQ0MzFjMDQyNzljIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpZS15YW4tZnUtYmluZy1zaGktcWkta29uZy1zdS15aS1zaGkteWFvLXR1aS14aXUtYmktemh1YW4temhlbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2269
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQ0MzU2NTM0MjIsInBhY2tldElkIjoiMDAwMEE3MDEtZmJkYmE3MWQtMzViMy00Yzc3LWFiNWEtYjQ0MzFjMDQyNzljIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpZS15YW4tZnUtYmluZy1zaGktcWkta29uZy1zdS15aS1zaGkteWFvLXR1aS14aXUtYmktemh1YW4temhlbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2273
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQ0MzU2NTM0MjUsInBhY2tldElkIjoiMDAwMEE3MDEtZmJkYmE3MWQtMzViMy00Yzc3LWFiNWEtYjQ0MzFjMDQyNzljIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpZS15YW4tZnUtYmluZy1zaGktcWkta29uZy1zdS15aS1zaGkteWFvLXR1aS14aXUtYmktemh1YW4temhlbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2275.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		175 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2213891146708900&correlator=1348922592676175&eid=31077771%2C31077596%2C31077232%2C31076771&output=ldjh&gdfp_req=1&vrg=202308240102&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&arp=1&abxe=1&dt=1694435653431&lmt=1694428453&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1931317642.1694435653&ga_sid=1694435653&ga_hid=1819538051&ga_fc=false&dlt=1694435652604&idt=519&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0_pv%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ead11bbf7f0e7230c63549eef766ad22f689dbda649ad51cf388c02ca1856eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51811
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl_page_level_ads.js?cb=31077596
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 18:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
64540
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13172
x-xss-protection
0
server
cafe
etag
7949494514302333357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 09 Sep 2024 18:38:33 GMT
em-dividers.js
cdn.taboola.com/ui-ab-tests/em-dividers/ 		525 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/em-dividers/em-dividers.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef130cd4b5772a252c5c9feda8c7910b5e1e52cfa27887886043ab266421fc6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sjeR0QHxVVhmbXj4Ta24d3lgzrgkEVFb
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
YQ4TQ7VSSE224A1W
age
25825
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
302
x-amz-id-2
fOQjiSpyw2Sl+1OFyh8EZCfLoaz4ZjwdJa5cuxXDGThxVKwbb/DwIZWvYcML3LSikHiATx/l+Hk=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Thu, 07 Sep 2023 13:04:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435653.461516,VS0,VE0
etag
"b61500489eba4791761a166933bed4be"
vary
Accept-Encoding
content-type
application/x-javascript
abp
3
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
18021
em-dividers.css
cdn.taboola.com/ui-ab-tests/em-dividers/ 		227 B
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/em-dividers/em-dividers.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
033718a2aa071240f6adb758d23ca70c8be35d1b2e94fa7c954e3fea0f784214

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5AkA33kr1wqaJzT5Gdn21Ilur1WaPXkm
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
YQ4QDF5A67NEYBCA
age
25825
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
121
x-amz-id-2
mqQfmRzKK9x0m5OwkJ2yndcIFPspD02KmjSt/DsqkmSHZZqNfL97c3as8JjrRUO1wm7lakBoKY0=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Thu, 07 Sep 2023 13:04:43 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435653.461561,VS0,VE0
etag
"ddefcd559750f79096b30cfed7078537"
vary
Accept-Encoding
content-type
text/css
abp
32
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
18041
floating-unit.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d68cebc954d5960fba081e29d978407b2557ddff0d6373feb7d28da17f7cfb17

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_5s94pGBFPhRcJWk6ddiRCO9jDwkf8Zn
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
5DABXBQCNEHEFBQ2
age
79214
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
R6ffFHbBkFqK+6e/QhQXuB14tbOFFSfi0ixPyyscGxdFRRRvELzhDTc7yjYmJ19E3WX9Wni33Pk=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:34:00 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435653.463706,VS0,VE0
etag
"730845a05db05e2f76f18801e91b8fe4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
20
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
16783
taboola-vignette-new-scanning.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fe1f319490542fde8daf7c62ca628c32f7206d06f7dd27471eb82946014ff9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
L2cU8YvUo5Hjt14zc8H0M8lXo4QXeNx.
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
E1BRVVD0MNS5ZFCT
age
79196
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8020
x-amz-id-2
IBS/zm1lJDJmseVLXo0jNCp6fJvzAmLhfYRloq/3rn7prhpyY0BYOIQbt8RNvWH8ryXp75Y8aus=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:34:17 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435653.464246,VS0,VE0
etag
"9781dc905c3e486c37494390d2aa43b0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
62
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12027
distance-from-article.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f199f10481768fbdfa8bfd7d46bad0debdc50ff26c2ada4cbaa9048162a3d5b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DIFcoE_Bnkx1Xv7geau35ZENeBQ5bd1T
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
74HC634HQE6G9457
age
79224
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
J0EEjn25zSoX2cjuuhXCOiLtqQOh3Vij/OIdPzUY4wSDrf1RxK5XhohcsRyevySQ+bq6AM2dXIY=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:33:50 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.505941,VS0,VE0
etag
"aec499cc77d238444594c7f0effa66bd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
154600
article-detection.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92e497f0152ef60a1741b07a2a3630882a6e28770386aa1a68c5c07c2b23e656

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0y8Fj8sCUdot9LHQbh6PMqksPg9QsE44
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
Y4A56RQJ1S4KAWNX
age
79230
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
/pX0rcuHDOdTMJ8q67bzCDRfU1TMe/HlxWf2wnteWMcX6mk+FjAOcW+h4WAfMggDrXd5bncQvK4=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:33:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.506118,VS0,VE0
etag
"f40176feba4fb6bb58a3279285cae62c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
61
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
154552
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/ 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2373356
x-cache
Hit from cloudfront, HIT
content-length
23966
x-served-by
cache-fra-eddf8230096-FRA
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1694435654.565429,VS0,VE0
etag
"9284c0ece401137f8f576e2e3ba9e6c1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Dtod3sTfgjpjAsp2cMCARQiVPj1k5D9SeR2rAqN5tZnuF6_weaSnPw==
x-cache-hits
14355
feed-card-placeholder.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93141b5b9b73f6534458bd5e5171890448842ecdcfea5301af7599243e1f9c0d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
d6nM8W.QAC3RgsaUAnMT_xtHAxUSwiSu
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
8J1FTC641WTV6V1J
age
79218
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
5mUDCIAQ5FAswVv2JjzDszsyca11Kgs+CxnYudBdommaqiHDujvkBuI8t/LOQ9Ft2lI0ZqZSMdg=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:33:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.508856,VS0,VE0
etag
"de7ea519eb60e4aea3ffe0473ddb8b53"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
141595
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
83
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.512817,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
80
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
159
userx.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4af9abc3fa88d52e95d283bed70947d365a53d40ce5dc6eca3c3db355480783

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KFZwAI0.1zEI_7oTKaG7EoYdWKav0cQo
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
DBVCPJ6FGQRXCGFX
age
79193
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
T2UMhYw8xMyWLVmi8Tyf3bmHwmeEQSnAa/pHAkvOifURIkPPKRj6R1L41UnyxVgWz/BI7oewQVA=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:34:20 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.515193,VS0,VE0
etag
"8484166166eb49335eed7b1d6f34626f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33218
explore-more.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26d83a4a52389972e9fe31e51d4dcac339466a803c2033e84e3798891891aff9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
95Kwm2.YiiaLZV_fc9CYzMx6hbmFuLgG
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
651PJEPEXREMTH9H
age
79220
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8804
x-amz-id-2
CFLhsjy+DkQs5eLUxC3UE9XkR9Xz01gaCy8N3dl27XkSFp6JYE3bxghuT+LNf2S4Ak/7rYQAEZk=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:33:53 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.533379,VS0,VE0
etag
"010362595e862427d1407c63ccad9995"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
74823
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=14%3A34%3A13.452&id=8371&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694435653453%7D&tim=14%3A34%3A13.453&id=9181&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694435653461%7D&tim=14%3A34%3A13.461&id=933&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A34%3A13.523&id=5492&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.525&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=5774&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.526&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=9018&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.534&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=8986&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.535&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=642&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.540&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9566&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQ0MzU2NTM0MTgsInBhY2tldElkIjoiMDAwMEE3MDEtZmJkYmE3MWQtMzViMy00Yzc3LWFiNWEtYjQ0MzFjMDQyNzljIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpZS15YW4tZnUtYmluZy1zaGktcWkta29uZy1zdS15aS1zaGkteWFvLXR1aS14aXUtYmktemh1YW4temhlbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2398.1000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10943
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIV3LxmA9gpkYnoLoTXydxohFy5NcZKoEC4gx2Iir87pzq555vDxP5YLX6EBWtssyexmuVUYfwx%2FZ3DPJW0oaijaFGD5kfr%2FdmNrd13uGC6fabGZwlw9KlmTUqK8Wdphfeko7aSt%2FQrMkcLPbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
804ff192baed5b2c-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a4a0b2d357363e3c4dcc8cef8dbb67b273ba61bad258a84d298968055bdce42

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:13 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a4a0b2d357363e3c4dcc8cef8dbb67b273ba61bad258a84d298968055bdce42

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:13 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 18 Sep 2023 12:34:13 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Sep 2023 07:42:48 GMT
age
17485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32129
x-xss-protection
0
server
sffe
etag
"d5ab003501cb3fb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Sep 2024 07:42:48 GMT
nameframe.html
d-7592421742405036487.ampproject.net/2308242321000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-7592421742405036487.ampproject.net/2308242321000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=11593&tvi50=11906&route=AM%3AIL%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.587&type=usage&msg=New_CTA-event-1694435653587&llvl=2&id=4639&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~5771588577840195867~~osifCf3ootYLM%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.588&type=usage&msg=New_CTA-event-1694435653588&llvl=2&id=376&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~5771588577840195867~~osifCf3ootYLM%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.591&type=usage&msg=New_CTA-event-1694435653591&llvl=2&id=4955&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8199236835066820088~~ZiixgXk2oZrfc%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.592&type=usage&msg=New_CTA-event-1694435653592&llvl=2&id=3186&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8199236835066820088~~ZiixgXk2oZrfc%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.594&type=usage&msg=New_CTA-event-1694435653594&llvl=2&id=902&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-1249319269701564390~~EAtYcHrSXXtH%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.594&type=usage&msg=New_CTA-event-1694435653594&llvl=2&id=3273&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-1249319269701564390~~EAtYcHrSXXtH%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.595&type=usage&msg=New_CTA-event-1694435653595&llvl=2&id=7525&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~495871564383141912~~IuNfVCsht2vnYT%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.599&type=usage&msg=New_CTA-event-1694435653599&llvl=2&id=7439&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8199236835066820088~~ZiixgXk2oZrfc%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.600&type=usage&msg=New_CTA-event-1694435653600&llvl=2&id=5932&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8199236835066820088~~ZiixgXk2oZrfc%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.603&type=usage&msg=New_CTA-event-1694435653603&llvl=2&id=8661&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~5771588577840195867~~osifCf3ootYLM%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.604&type=usage&msg=New_CTA-event-1694435653604&llvl=2&id=1106&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~5771588577840195867~~osifCf3ootYLM%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
1068a0b8db2889bbb58ebf484cbc304a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_840%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_840%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
df73dbd6faa1466097426eedc7525c9fc1d5267245741ae3a04f7f8787f3c853

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_840%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
age
1115659
edge-cache-tag
395072785641538501151066532473712737005,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
395072785641538501151066532473712737005,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
537
req-referer
https://medlexi.de/
content-length
58646
x-request-id
f6279d18fa6fcabca77a364d11cd8b34
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200158-IAD, cache-iad-kiad7000043-IAD, cache-sna10747-LGB, cache-iad-kcgs7200127-IAD, cache-fra-eddf8230134-FRA
last-modified
Sat, 19 Aug 2023 00:07:48 GMT
server
nginx
x-timer
S1694435654.626336,VS0,VE2
etag
"507f6b3939780525fcc07824eeb2743d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 13, 1, 2, 1
1068a0b8db2889bbb58ebf484cbc304a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c52d31a2b13d7026c00ef7d99c26cb134e9beb46339c0b80a1664f299e785732

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
age
4763179
edge-cache-tag
395072785641538501151066532473712737005,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
395072785641538501151066532473712737005,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
289
expiration
expiry-date="Tue, 18 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://mejorconsalud.as.com/
content-length
38266
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100117-IAD, cache-iad-kiad7000120-IAD, cache-chi-kigq8000071-CHI, cache-iad-kcgs7200078-IAD, cache-fra-eddf8230134-FRA
last-modified
Sat, 17 Jun 2023 13:14:59 GMT
server
nginx
x-timer
S1694435654.626241,VS0,VE1
etag
"a780e74ed72b5f0cafc21df0c886df8a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 82, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
1822612
edge-cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,547259280119040429728062571465126378377,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
169
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.staradvertiser.com/
content-length
10060
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000160-IAD, cache-iad-kiad7000087-IAD, cache-iad-kcgs7200057-IAD, cache-fra-eddf8230134-FRA
last-modified
Tue, 01 Aug 2023 05:55:16 GMT
server
nginx
x-timer
S1694435654.631202,VS0,VE1
etag
"d5f7a809c5582096c3cb0ce65205e40b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 200, 1
c3e8dc9bdd1f1e255c7b88f857df8e85.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c3e8dc9bdd1f1e255c7b88f857df8e85.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22e2ee38158caadd6a30d82785074ab9e9f87901e10fefda50dfbd4dd7bb73d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c3e8dc9bdd1f1e255c7b88f857df8e85.png
age
278372
edge-cache-tag
365948808144701794991562949906739460044,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
365948808144701794991562949906739460044,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
498
req-referer
https://www.diariodepontevedra.es/
content-length
22132
x-request-id
b6403538eb36b17acb5b3d8f19620e78
x-backend-name
US_nlb106
x-served-by
cache-iad-kjyo7100040-IAD, cache-iad-kjyo7100084-IAD, cache-iad-kiad7000130-IAD, cache-fra-eddf8230134-FRA
last-modified
Thu, 07 Sep 2023 13:08:32 GMT
server
nginx
x-timer
S1694435654.653462,VS0,VE1
etag
"786328596eb803d040617276c65b1b97"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 9, 1
2c74e4a19034a987fbf003b0c53d300b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c74e4a19034a987fbf003b0c53d300b.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8f05ce8e9e55e7ed5cc5fb1e23b601e3420086b65e8e6d561bc2b54abe09dfe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c74e4a19034a987fbf003b0c53d300b.jpeg
age
602766
edge-cache-tag
357061261035143886034513095855348286159,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
357061261035143886034513095855348286159,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
183
expiration
expiry-date="Thu, 05 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.pianetamountainbike.it/
content-length
36080
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100023-IAD, cache-iad-kiad7000080-IAD, cache-lga21939-LGA, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230134-FRA
last-modified
Mon, 04 Sep 2023 12:55:06 GMT
server
nginx
x-timer
S1694435654.657205,VS0,VE1
etag
"183eef53b34027cfb63d5f64850a6043"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
5bed6d75ca0c7b8007f72f73ac5f5451.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b4acc25c424b09c47ac70f9c121ebb73deb5e3dbdcdcf96c00399d79fdd1b34

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bed6d75ca0c7b8007f72f73ac5f5451.png
age
2035791
edge-cache-tag
608330632766545199157274674631276038268,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
608330632766545199157274674631276038268,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
104
expiration
expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.englishforum.ch/
content-length
17630
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000155-IAD, cache-iad-kjyo7100164-IAD, cache-iad-kcgs7200132-IAD, cache-fra-eddf8230134-FRA
last-modified
Fri, 28 Jul 2023 22:27:49 GMT
server
nginx
x-timer
S1694435654.657346,VS0,VE1
etag
"8d3abb7f1eadc36ff03fe128b4f262a7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 14, 1
c6239d26c1081015da8050230fbf269b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06cad48c2acc8db6b29fb6d99765a9bc5bfa6d61ea4690a484612cd4d4265e3c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6239d26c1081015da8050230fbf269b.jpg
age
5942164
edge-cache-tag
587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
587356268005097457686237049894664356422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
128
expiration
expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.jamaicaobserver.com/
content-length
30980
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kiad7000057-IAD, cache-chi-klot8100044-CHI, cache-iad-kcgs7200033-IAD, cache-fra-eddf8230134-FRA
last-modified
Tue, 13 Jun 2023 05:44:52 GMT
server
nginx
x-timer
S1694435654.676523,VS0,VE1
etag
"8664d86dacc63024c3a286ec8f3736ea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 214, 1
1068a0b8db2889bbb58ebf484cbc304a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
454c6d9cf5018a51f584cb0ca628112d72f8df9ebd635b065f091b39a970be5e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
age
5405180
edge-cache-tag
395072785641538501151066532473712737005,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
395072785641538501151066532473712737005,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
260
expiration
expiry-date="Wed, 19 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
40650
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kiad7000168-IAD, cache-lax10657-LGB, cache-iad-kcgs7200099-IAD, cache-fra-eddf8230134-FRA
last-modified
Sun, 18 Jun 2023 06:16:46 GMT
server
nginx
x-timer
S1694435654.678904,VS0,VE2
etag
"c71373d70f7b2f5ec2595103e800a11a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 184, 1
2c74e4a19034a987fbf003b0c53d300b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c74e4a19034a987fbf003b0c53d300b.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1bc1c7800cbcc074e2856050c3f00058326a8fd7facb6fb363f9d5233b91caac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c74e4a19034a987fbf003b0c53d300b.jpeg
age
602828
edge-cache-tag
357061261035143886034513095855348286159,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
357061261035143886034513095855348286159,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
257
expiration
expiry-date="Thu, 05 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
42402
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000042-IAD, cache-iad-kiad7000089-IAD, cache-iad-kjyo7100152-IAD, cache-fra-eddf8230134-FRA
last-modified
Mon, 04 Sep 2023 13:05:01 GMT
server
nginx
x-timer
S1694435654.684018,VS0,VE1
etag
"57a3cc65eec070c47dba69be3cc31bd0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
2859815
edge-cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
29394
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200136-IAD, cache-iad-kcgs7200115-IAD, cache-lax10660-LGB, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230134-FRA
last-modified
Tue, 01 Aug 2023 07:44:45 GMT
server
nginx
x-timer
S1694435654.684167,VS0,VE6
etag
"a8139c2d2ea8fa23ad77f4b509ad1b5b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 31, 1
c3e8dc9bdd1f1e255c7b88f857df8e85.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c3e8dc9bdd1f1e255c7b88f857df8e85.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
77f35b9900910082f6ac05980e44068cf859f31a364fa54e1158f3501c4679b0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c3e8dc9bdd1f1e255c7b88f857df8e85.png
age
343542
edge-cache-tag
365948808144701794991562949906739460044,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
365948808144701794991562949906739460044,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
169
req-referer
https://hollywood-tale.com/
content-length
44244
x-request-id
1a9e4f5b3e5f2d9ba38af838da3f7d59
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000079-IAD, cache-iad-kiad7000079-IAD, cache-lax10645-LGB, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230134-FRA
last-modified
Thu, 07 Sep 2023 13:08:32 GMT
server
nginx
x-timer
S1694435654.700800,VS0,VE1
etag
"e83836347e3c107a3120246fa0b29e1a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 9, 1
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9121112707004486&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:14 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9268094402112395&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:14 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=11593&tvi50=11906&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ Frame 2D55 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7688f39110658a71414733eba35c1e7aabe50becd0e3ed9bf500703ef5808c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2D55 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1jT2wISsY7CTEiaLmeCvOa-g3f1sycnduowtwhY6cj5zl-OIzcgPewapj84sBLeLkVqV8VmJHYtgIGjt9NN46RuFvbe_kzFKEAgb2POaAwjT0zilDsEcuMxRDROEQIVawi6nEfdKIPkp6593Qs1pvPSN3U_XQHKt5hSNX5cqbLb0WpkDpeBOB2uQpQhpbmtC8A1TUc01whqfAWogzIfyyyi7pLTGboGpK4FwxR68vR33rn4HikhNR3ZaqnyrQfmP3Chajk3oqJLlv4-AnVlt3ZjljqKTlvRDyhBf_IkItLAhCARfz90HTjBOXViajrh4IEH3N&sai=AMfl-YSJumNXRh-c2sQXQA-8JL-PSdtYqnWx2dVrK_qRUiyIA-XInBPpyIgJQlUN1TkpiIrC-CtQK3TsP39hlcyKYpgA78-TTrI5ZMjTfF88T_d6BNoXjMs62Aq_cu-bOAORgIytZ8hdQv_HmHzKJqg&sig=Cg0ArKJSzK4Kc_VXjH4gEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 11 Sep 2023 12:34:13 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230911
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86a8291e8d7ff29f1c4694e6c501ebdb003c609a1f87816a8fac084bf5c1915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30804
x-jsd-version
1.0.1809
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4583-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63c-gvCkkqA54Wo40LF+7CXKp1IYtfk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrrrv8qVfJ3XYAl2UDQg5f1XW%2F2zAKBT4p9uWbOtwJaIgVcBcm4YW2C3K%2BZZxfF7JyMM9HQa1MJ5LNHHqHUfUJblEzUQmMmtByeiuQZtr4Qxpa%2FK8MCMutXlS4qGT1hRoiZfoLTqlo5S0ryOujU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
804ff1942fde526a-MXP
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93384474e15b7a6181c78296f972d828c1d15862cf09ee9fcf783906fad1528

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyQMjOzALotQ460eMznTgpi2a349xmB3vhXKJiuVckXNP%2BXzqVvQrZD1pSBGtMyzHm4bcghupp2n3DOUtZep6MxxkaeiUBGgtLtV0JDGmGeBq4zDebEX5PTakdl%2Ferq84kRPt1%2B8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
804ff1944d9a01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93384474e15b7a6181c78296f972d828c1d15862cf09ee9fcf783906fad1528

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy%2BIhz1gLz0z9ewIpsHg7Q1e8GMxXjgS4e25m%2B2ajWlrKKo5%2FxcwJyuAxUEI0nfOPamyptcNhk6Br5pz2xXPXCkmMdAXU4e46PF0tEydckK6wcqdQYfVBSAyNZlZGo2Wl%2F3RwypZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
804ff1944d9b01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93384474e15b7a6181c78296f972d828c1d15862cf09ee9fcf783906fad1528

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEUSxizEhxpT3hqZQYxfXl%2FwE2ARhzU6PiCuyWfLXqK0mQBziFRatjS51kdpAMbWdnxdsnBV762fdWYGqTOOOgdw2oyMpXK28NIQecqyn8MWru41oCzPCRlI8WUW%2B3W8VIxkO%2BbY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
804ff1944d9c01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f6e673f4d4e0b867662115384ef15fad415a522bb2a85684bb9c2b411a1d1efe

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.128.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=a2d2d63e-0c15-4ae6-bcfc-093d094a8f63%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=6cb247c3-d4af-47d8-af5b-93402999ab0f%3B8c50a9ee-c620-4ab7-867c-de434e61183c&l_pb_bid_id=14c4e5d9fd3c66f%3B15108af11d19591&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6cb247c3-d4af-47d8-af5b-93402999ab0f%3B8c50a9ee-c620-4ab7-867c-de434e61183c&rp_maxbids=1&slots=2&rand=0.6464545956557675
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6b4c3fdf8e5853f997854c3c2fe788edc4c09019dde92417b2b6e91a8a457187

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
804ff1948b459966-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
804ff1948b479966-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 11 Sep 2023 12:34:12 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
server
envoy
vary
origin, Accept-Encoding
bid-request
a.teads.tv/hb/ 		2 KB
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de025bc75a330e6d74e088090a9933cb795259ff5501bbe07c4aba7ed7588f00

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
490
expires
Mon, 11 Sep 2023 12:34:14 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
b1cf9638e3196b95852ed6d2d8dc3ee05fd457c99bb41b03062e38fed5ed2547

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 11 Sep 2023 12:34:13 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7775ce60e8457f95afac3a696facf65693243b80c76d7b86c71785424e4767a2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 11 Sep 2023 12:34:13 GMT
hbjson
grid.bidswitch.net/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.92.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-92-220.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5122c708c7c3b9670a5ebb4ee8f20ee2061a089456b3d808b955a213f6b5642b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 11 Sep 2023 12:34:14 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
9419
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6596a3922cc32172b7a24b8bcb05dcb63aeda73ae6747768a574b2422cf760df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
an-x-request-uuid
b6d3da75-5ac1-4be7-957f-1675c41a368f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
262
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.230.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-230-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		723 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5091
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=33794516581&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 11 Sep 2023 12:34:13 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
633
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
impress
ad.vidverto.io/delivery/ 		52 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&referrer=&async=1&uid=902791283&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8628c88637dd7936491735b4b49b51e5015222fe86f5ea5ae334fa22eca66c53

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 2D55 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
1036
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23165
x-xss-protection
0
server
cafe
etag
3653802842111768446
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:16:57 GMT
next-up-widget.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f72778a618de493fe2f538cd70411f4b519fb511aac6dc7bb7e326531f32013

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IMDS55X1u82eO4CeGdZQjVWaA6cfcaKi
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
WTKSQMHS8HMBG1GX
age
79211
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
4gEoF1cmnw0a08Im9MZLUJ8ZC43m6OKuwZzVzLoB6vcRkuQYswrvdRlFVSES95pjAt3IBK4CZgU=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:34:03 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.835529,VS0,VE0
etag
"dc03fe7a6d318e642be88af86739b177"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
88
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
16400
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1224%7D%22%2C%22eventTime%22%3A1694435653826%7D&tim=14%3A34%3A13.826&id=2424&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A13.844&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1625&cv=20230910-15-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67100
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 11:50:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Sep 2023 12:34:13 GMT
spa-detector.20230910-15-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230910-15-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5dd78f90f733b7a6d3808b55b1d8560772bc68f0b9b55af1052c4b3f441f0222

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QXCRs0cXYGjEchqiYPRINe.VuIwInoh8
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Sep 2023 12:34:13 GMT
x-amz-request-id
C4JTR0KE9FEZ4BYA
age
79205
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
780
x-amz-id-2
6Fz9w5God2P3+s18gdCIjvJRFAhrQa3GA4LtgX09IFHTqdE+xWkG4ET5kPFJ3oqCibODWE/5DO8=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Sun, 10 Sep 2023 14:34:09 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694435654.869737,VS0,VE0
etag
"8b01e5c75119c0f192ee0e9fc877e58b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
80
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
76636
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A34%3A13.846&id=7820&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694435653854%7D&tim=14%3A34%3A13.854&id=5247&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A34%3A13.856&id=2196&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694435653858%7D&tim=14%3A34%3A13.858&id=5533&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=11906&lti=deflated&ri=122da37de212363949984dde6b7ca103&sd=v2_8714c76d47f2d954323aafd87683517f_11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5_1694435653_1694435653_CNawjgYQ2YJdGKbr8KGoMSABKAEwKziy0A1Aw4gQSPep2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5&pi=/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&wi=-8818725787103224760&pt=text&vi=1694435653030&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A34%3A13.868&id=654&llvl=2&cv=20230910-15-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 11:54:37 GMT
via
1.1 eb91f7d4f380e2793c00431a8fc93fe0.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
2377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Ks8TILl3cW4SVW5125BfGVMzBLlQdq2fvgL2e8rT1JTmpfq3hSnLyA==
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=11593&tvi50=11906&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
onetag-sys.com/usync/ Frame 2470 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:13 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9848fd9c8e8d1002001cd245c2218c1c51d6e0aa9f543a0163e19bf6899af172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126091
x-xss-protection
0
expires
Mon, 11 Sep 2023 12:34:13 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:13 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:13 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?08092023
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Fri, 08 Sep 2023 10:57:53 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fafe31-15d8c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:13 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:13 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		284 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 11:42:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fefd1c-47038"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:13 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D750e6d7a-a347-4c62-ad15-f9ef4ad23f9b%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&p_id=23
date
Mon, 11 Sep 2023 12:34:14 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=750e6d7a-a347-4c62-ad15-f9ef4ad23f9b&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&p_id=15
date
Mon, 11 Sep 2023 12:34:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:13 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Mon, 18 Sep 2023 12:34:13 GMT
container.html
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C00E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:13 GMT
expires
Tue, 10 Sep 2024 12:34:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D55 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=urind
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:49 GMT
age
499645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"13417016125ec007"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:49 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62202
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Sep 2023 19:17:32 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pO8RJUuEJsBRI5Gw6DrlNO%2FJwwv24AQkLnTd2Xvq3XxTS6tTJ1Gc3UIHkNQtz5PcPuN6EmK69%2B2BO5vQ8scTTml%2BCsXDyq%2Fc0vWJG4yom8wMbaAfVkfW30wpAZqXztvNJi7Ww1c5VGz8Twz7OFii8o1%2BISsYmFhh7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
804ff1961a369975-FRA
gtag.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 11 Sep 2023 09:35:21 GMT
age
10733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"2053776e7f80c73d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Sep 2024 09:35:21 GMT
csi
csi.gstatic.com/ Frame 2D55 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lmev8m5z&chm=1&e=21068133&ctx=2&qqid=CJbk0dnIooEDFW3huwgdOUwIGw&met.4=fb.7~lb.8f~ol.8l~idt.8h~dt.-5y&met.3=739.8f~738.8g~749.8g_5~736.92~735.bj_1~740.bs_1~113.fa_4~112.f9_5&met.1=1.lmev8lqr~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1&met.7=CBsQCDgB~CCIQBBgBIAkoCTBDODpoCXBCeKwCsAEBuAED~CE0QChgBIAkoCTB_OHVoCnBxeJ3GA4AB8cMDiAGkqQuwAQG4AQM~CCIQBBgBILQCKLQCMJcDOGNQtQJY3AJgtQJo3AJwlwN4rAKwAQG4AQM~CCgQChgBIJYDKJYDMLADOBpolwNwqgN4qbcBgAH9tAGIAZzlA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4002:816::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A14.032&type=usage&msg=New_CTA-event-1694435654032&llvl=2&id=8457&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8199236835066820088~~ZiixgXk2oZrfc%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67776
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A34%3A14.033&type=usage&msg=New_CTA-event-1694435654033&llvl=2&id=9007&cv=20230910-15-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-next_up%22%2C%22itemId%22%3A%22~~V1~~8199236835066820088~~ZiixgXk2oZrfc%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67776
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=11593&tvi50=11906&route=AM%3AIL%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
1068a0b8db2889bbb58ebf484cbc304a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca49d02e216f0f2795283ba0c6d375676c682eb1f232cb94c1113a319377d230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 11 Sep 2023 12:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1068a0b8db2889bbb58ebf484cbc304a.png
age
3766977
edge-cache-tag
395072785641538501151066532473712737005,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
395072785641538501151066532473712737005,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
98
req-referer
https://www.cocinadelirante.com/
content-length
5072
x-request-id
7b5b2089feb9d62d7a19a1fcce6ebdf3
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000165-IAD, cache-iad-kiad7000179-IAD, cache-lga21939-LGA, cache-iad-kcgs7200124-IAD, cache-fra-eddf8230134-FRA
last-modified
Tue, 18 Jul 2023 13:30:33 GMT
server
nginx
x-timer
S1694435654.052125,VS0,VE1
etag
"9ff23bbed7a850b0f7993f45415637ee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 2, 1
2c74e4a19034a987fbf003b0c53d300b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c74e4a19034a987fbf003b0c53d300b.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ee93fafcad50b2f452b880a2cae07d2816d312e560207ada13312b0bd771acc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 11 Sep 2023 12:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c74e4a19034a987fbf003b0c53d300b.jpeg
age
602273
edge-cache-tag
357061261035143886034513095855348286159,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
357061261035143886034513095855348286159,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
466
req-referer
https://weightlossgroove.com/
content-length
5020
x-request-id
621dc238ffdfab0f51def0080aab8bb8
x-backend-name
US_nlb102
x-served-by
cache-iad-kiad7000168-IAD, cache-iad-kiad7000139-IAD, cache-lga21971-LGA, cache-iad-kjyo7100124-IAD, cache-fra-eddf8230134-FRA
last-modified
Mon, 04 Sep 2023 12:42:52 GMT
server
nginx
x-timer
S1694435654.052426,VS0,VE0
etag
"631f55616ddbcda71d170855abd8c78c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 11 Sep 2023 12:34:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
2354810
edge-cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
94
expiration
expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.oranews.tv/
content-length
3584
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000157-IAD, cache-iad-kcgs7200132-IAD, cache-lax10678-LGB, cache-iad-kcgs7200147-IAD, cache-fra-eddf8230134-FRA
last-modified
Mon, 24 Jul 2023 04:35:47 GMT
server
nginx
x-timer
S1694435654.052439,VS0,VE0
etag
"e5c6d9c0f2aada11bf284ce428581f10"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 2
css2
fonts.googleapis.com/ Frame C00E 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 11:13:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Sep 2023 12:34:14 GMT
css
fonts.googleapis.com/ Frame B943 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 10:51:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Sep 2023 12:34:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame B943 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
18936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 07:18:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame B943 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
18936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 07:18:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EC4B 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:08:14 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame B943 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 07:20:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FCC0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Mon, 11 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame B943 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
22073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame B943 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtHvd6N0Hcyo-IHPkw4EKG0Abi75VZmJFgA7GqE1OgJu9pVdk02eYtTfAhxl3zSfR16EfbvC3W-jzIPA1m-oeLmrdQEg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B943 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame B943 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 15:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 15:57:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame C00E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 14:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
80745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Sep 2023 14:08:29 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C00E 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 13:30:10 GMT
x-content-type-options
nosniff
age
83044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 09 Sep 2024 13:30:10 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C00E 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 21:04:39 GMT
x-content-type-options
nosniff
age
401375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Sep 2024 21:04:39 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 472C 		714 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
8971
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
804ff1964dc0bb53-FRA
content-encoding
br
content-type
text/html
date
Mon, 11 Sep 2023 12:34:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9S3zstYeRnGFzhdEV9Z7KcCOsqTdDTYYIW0DIQyU6Rf1Vu3hPfSRYje%2F0m3gZUsXZqUA2MftqUvcPMTGA871wKQpnXIvXnBbbrJB2jsRUzs6c3ZwDxzOn9HffX4h7uLjdVQ3eK3fajvTd0roQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 77F5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 12:34:14 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 11 Sep 2023 12:34:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a8e44f0a-5198-33c7-8fd9-6f3707dae864?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:15 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Mon, 11 Sep 2023 12:34:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
content-length
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 0FDA 		714 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
8971
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
804ff1965dc3bb53-FRA
content-encoding
br
content-type
text/html
date
Mon, 11 Sep 2023 12:34:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3rbfiQEE4Xc0EfE5LTHf5F8AXEzIZjXmZEo8l1NB2O97WGq46XQOzyzCYx2GNhu1Hs1ZeG6E6KadZcfAb7cJZgEaNB24DMqWQNhaKFMiyQceWWpMQg4q9n%2BAvwjHafY%2B5gDM%2FEzW15bkEWfmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 60F2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 12:34:14 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 11 Sep 2023 12:34:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9312 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0845d35dab5cf9b981e0f96077526e9b478eca319516792ceeaa735d98d86c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7892
x-xss-protection
0
server
cafe
etag
306863194489249519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
pixel;r=297183559;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=297183559;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1714281035-1694435653873;pbc=a2d2d63e-0c15-4ae6-bcfc-093d094a8f63;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694435654131;tzo=-120;ogl=;ses=7762ebe5-1435-4f7c-abe1-061623aaaf3b;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B287 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d39fd91f927cf7efc1db80e425fa9547de4d23bfa0d32bbacf7e067773dffd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7892
x-xss-protection
0
server
cafe
etag
13821806884996885333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0FDA 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f13da8e761873121c3ee119fe3763eb299019bc6fadd0b2fb617c6557e99d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28969
x-xss-protection
0
server
cafe
etag
903 / 19611 / m202309050101 / config-hash: 173420558501686155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
prebid-request
onetag-sys.com/ 		15 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 472C 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d05aa2ea0675c74115cc350a26bb3ffd70269806390adf8fca0385f292aac1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28968
x-xss-protection
0
server
cafe
etag
28 / 19611 / m202309050101 / config-hash: 173420558501686155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
pixel
cm.g.doubleclick.net/ Frame FCC0
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHY9yg0wrfvPMAX3W8zK80Y&google_cver=1&google_push=AXcoOmS8mdEwZiJfbl0MCqbSYy_YIkyiQsoiqXiOzzsHv4FHJGWiAth...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3da238ca6ca4195a&is_secure=true&networkId=14000&version=1&google_gid=CAESEHY9yg0wrfvPMAX3W8zK80Y&google_cver=1&google_push=AXcoOmS8mdEw...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH8ONuibQ9YgMHpG_MAAAAAAA&expiration=1694522054&google_cver=1&is_secure=true&google_gid=CAESEHY9yg0wrfvPMAX3W8zK8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH8ONuibQ9YgMHpG_MAAAAAAA&expiration=1694522054&google_cver=1&is_secure=true&google_gid=CAESEHY9yg0wrfvPMAX3W8zK80Y&google_push=AXcoOmS8mdEwZiJfbl0MCqbSYy_YIkyiQsoiqXiOzzsHv4FHJGWiAthZwEJvFZVvSIQZ4gIHrT-cIAe-PB5-aUL1yrlwWeXs_hyk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH8ONuibQ9YgMHpG_MAAAAAAA&expiration=1694522054&google_cver=1&is_secure=true&google_gid=CAESEHY9yg0wrfvPMAX3W8zK80Y&google_push=AXcoOmS8mdEwZiJfbl0MCqbSYy_YIkyiQsoiqXiOzzsHv4FHJGWiAthZwEJvFZVvSIQZ4gIHrT-cIAe-PB5-aUL1yrlwWeXs_hyk
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame FCC0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDTpsAWRCAB7G1I8MP3dGI4&google_cver=1&google_push=AXcoOmSVaPHpI7QdkCtHhyqxDIAGiQxLLX-rWXZELrla1E3TPXATKzatS5QrbbkYDHt4rCGOaYOQSRKbTDyI8j_4GGqFQrn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSVaPHpI7QdkCtHhyqxDIAGiQxLLX-rWXZELrla1E3TPXATKzatS5QrbbkYDHt4rCGOaYOQSRKbTDyI8j_4GGqFQrnKI5Xo&google_hm=eS1EQ1hicXNSRTJwRW5tc2...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSVaPHpI7QdkCtHhyqxDIAGiQxLLX-rWXZELrla1E3TPXATKzatS5QrbbkYDHt4rCGOaYOQSRKbTDyI8j_4GGqFQrnKI5Xo&google_hm=eS1EQ1hicXNSRTJwRW5tc2t3c2VybEh0eEpHSXpCallpNX5B
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 11 Sep 2023 12:34:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSVaPHpI7QdkCtHhyqxDIAGiQxLLX-rWXZELrla1E3TPXATKzatS5QrbbkYDHt4rCGOaYOQSRKbTDyI8j_4GGqFQrnKI5Xo&google_hm=eS1EQ1hicXNSRTJwRW5tc2t3c2VybEh0eEpHSXpCallpNX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame FCC0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2Xb18k...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2Xb1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2Xb18kuREg1E-2vraRTLAfpKw
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmQZEr5CdXiBWjt5Vcg2fLGgtFW8BZBWhaoOqf6BZ9VQF7vrujjQla_TR3dUj3P7-6YIgu2Xb18kuREg1E-2vraRTLAfpKw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame FCC0
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTn_K7-evu5o_bckN--cfGp8p7kh0NWo_1yKN9JyWI54L9zprU6h1NfyOEuh5UzLzGYHMKAZiwS4m...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTn_K7-evu5o_bckN--cfGp8p7kh0NWo_1yKN9JyWI54L9zprU6h1NfyOEuh5UzLzGYHMKAZiwS4mtZVYPxH8fjbjp0Zm8&google_hm=cca87155-71f9-4bc6-8f6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTn_K7-evu5o_bckN--cfGp8p7kh0NWo_1yKN9JyWI54L9zprU6h1NfyOEuh5UzLzGYHMKAZiwS4mtZVYPxH8fjbjp0Zm8&google_hm=cca87155-71f9-4bc6-8f6f-05bf8e7a8467
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-32
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTn_K7-evu5o_bckN--cfGp8p7kh0NWo_1yKN9JyWI54L9zprU6h1NfyOEuh5UzLzGYHMKAZiwS4mtZVYPxH8fjbjp0Zm8&google_hm=cca87155-71f9-4bc6-8f6f-05bf8e7a8467
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FCC0
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHbeeH4I0P5g_3_93V4L4E4&google_cver=1&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiN...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHbeeH4I0P5g_3_93V4L4E4&google_cver=1&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiN...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiNcTS3TFZC6AZ&google_hm=HTaSDGZHE4wnbW0ERWeKz3eo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiNcTS3TFZC6AZ&google_hm=HTaSDGZHE4wnbW0ERWeKz3eo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 11 Sep 2023 12:34:15 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ2gAviXFMVWxpGzYvRuAENkdpYO0umcD5c1fOb_BWm7oeM5RedCT6com74NKc5_I8t13gctrG2G8RsOhCiNcTS3TFZC6AZ&google_hm=HTaSDGZHE4wnbW0ERWeKz3eo
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame FCC0
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEGm4igMM_aEZ0mEhKcU3nEM&google_cver=1&google_push=AXcoOmSUHdMMjqJpkuCjeY0UgOtVKorA5Eb9XfiXAQgnEaoXGUMKGnXSIO7sH4Xoxj0SaeUvkvVVoFr-iglr5F3jz5k_Ef8MmzA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSUHdMMjqJpkuCjeY0UgOtVKorA5Eb9XfiXAQgnEaoXGUMKGnXSIO7sH4Xoxj0SaeUvkvVVoFr-iglr5F3jz5k_Ef8MmzA&google_hm=M1JGbVZlZWtreGVfWmVDc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSUHdMMjqJpkuCjeY0UgOtVKorA5Eb9XfiXAQgnEaoXGUMKGnXSIO7sH4Xoxj0SaeUvkvVVoFr-iglr5F3jz5k_Ef8MmzA&google_hm=M1JGbVZlZWtreGVfWmVDc3lmXzA=
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSUHdMMjqJpkuCjeY0UgOtVKorA5Eb9XfiXAQgnEaoXGUMKGnXSIO7sH4Xoxj0SaeUvkvVVoFr-iglr5F3jz5k_Ef8MmzA&google_hm=M1JGbVZlZWtreGVfWmVDc3lmXzA=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
v1
match.sharethrough.com/E4rooAtA/ Frame FCC0 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJG539dKDN2j4WHpHjKdm4g&google_cver=1&google_push=AXcoOmTfsny6L70KoFmmmDlwSg53fM3hxv9Z2_KwaGYnVbzo25LkDmXr65AmdFxQJ9jIPA9sfSxqLwwVP9_maFWo8toaAgyRLE8gOw
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FCC0 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5a1nS_Tl0lRRd9mB5mkg8EPcwk2dxMlGCtuAUB3r2N31rDsigV5_KJ28jccWpfWXivfV08Q
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame 60F2 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3533595de3c25abc6157218bbb4a802130742ed36b1dd8daf9c183dc0fc7230a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:57:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66222
Connection
keep-alive
Content-Length
10211
Expires
Tue, 12 Sep 2023 06:57:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9312 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
351ad65d6e4c9a1d4787bbed0c943b941f3ed8c84c6938d5d1e2bd95eaad14e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50468
x-xss-protection
0
server
cafe
etag
1483322091850790967
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B287 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8438b6727d6b3cb537ab40fdd0b25a4078927c86888b020a02bd8edb3e3a96b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50468
x-xss-protection
0
server
cafe
etag
2000643734777586035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EC4B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:14 GMT
expires
Mon, 11 Sep 2023 12:34:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:14 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 77F5 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3533595de3c25abc6157218bbb4a802130742ed36b1dd8daf9c183dc0fc7230a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:57:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66222
Connection
keep-alive
Content-Length
10211
Expires
Tue, 12 Sep 2023 06:57:56 GMT
idsync
sync.aralego.com/ Frame 60F2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMEV8M4R-1U-JSRL
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMEV8M4R-1U-JSRL
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a8e44f0a-5198-33c7-8fd9-6f3707dae864?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:15 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-507AozhE2oWxWZuSO2CdU3pmDsbo7pa0CluqmYI-~A&redirect=
content-length
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7446&cid=amp-ZZfTcNPgaU4XzHAosBFIYw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dr=&dt=%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E3%80%80%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694435654&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-ZZfTcNPgaU4XzHAosBFIYw&aip=1&sid=1694435654&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame 0FDA 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
21450
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129878
x-xss-protection
0
server
cafe
etag
7992010681825974757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Sep 2024 06:36:44 GMT
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E3%80%80%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-ZZfTcNPgaU4XzHAosBFIYw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6737716574099495&gjid=0.5611127645095491&_r=1&a=7446&z=0.5803265232990216&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Mon, 11 Sep 2023 13:34:14 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame 5C27 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
579519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Sep 2023 12:34:14 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 63EE 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 11 Sep 2023 13:22:16 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=hNJTioCa3pW6hK%2B0p1mPbaZhhAgHKV1%2BvXduzKybZKaY%2FdEsZeRBwO3XeRAIw0RJKwo%2B%2BmtA9f%2FbH5fhy9bbdDK%2F19XExiabd563m2fQ48vhM2M1FbcokO7hvlg82Tir1xP4bARFH0h%2FCAaC20CgydbwrmuXrrTCeuW1ZCr2IA3LrqXTBxNHrPTih8IPI1UwUF4HSmGcTMV39s4922JzCTdOPbK0BKjNVQ29Y%2BhRR8eYSS6elnnEBlqbpjmPYX8gYxm3WBhIL5TYEiRaZzlHGaNJggYHiNbygJjn1gOeFJJCVIqSs5dvx8ZaNd%2B4t44sV9UlqQB3emhpM9N%2BPrFreoCbqkRbLZ2KmrsYextm8OpQLfFmsCU%2FWSUDhOGgqBipFwsc07hY8oEjfN2MEXsEkY7AzHUu9lSo1DRepj99JHlp4zDWBrgOpeUATqpQ9%2BDEG%2BVSRN92sJ1i9cFfjYuD34u0%2BAnRbms7zoa%2FFHeukp3z5t2y%2FRLqKUXWpPnb8ZVv9wH%2Fc7zRA2I3DxkVCJR7QNUmm61x1jltU4pgJA2b4tWTMqw98iDyPJjCo%2BPZjXgA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/ 		172 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 11 Sep 2023 12:34:14 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ Frame 472C 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
21450
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129878
x-xss-protection
0
server
cafe
etag
7992010681825974757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Sep 2024 06:36:44 GMT
pixel
cm.g.doubleclick.net/ Frame 60F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1FVjhNNFItMVUtSlNSTA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIX4XDtDetZCSL2sZ7cKJ9k&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1FVjhNNFItMVUtSlNSTA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1FVjhNNFItMVUtSlNSTA==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1FVjhNNFItMVUtSlNSTA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 60F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vq-3hYfEB_Q_gH3wR6A79cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lOdPysZE2oIAGr9xkALf2UURHUY3pY9n3HwN_g--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lOdPysZE2oIAGr9xkALf2UURHUY3pY9n3HwN_g--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 11 Sep 2023 12:34:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lOdPysZE2oIAGr9xkALf2UURHUY3pY9n3HwN_g--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 60F2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rvCaxdi7TOOikFuYEEfcJw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvCaxdi7TOOikFuYEEfcJw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvCaxdi7TOOikFuYEEfcJw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DAANVVWK1CFBXH587ZN6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvCaxdi7TOOikFuYEEfcJw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 60F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMEV8M4R-1U-JSRL
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMEV8M4R-1U-JSRL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BF9F48192CA24A33A412A1B30EFEFC92 Ref B: ZRHEDGE1821 Ref C: 2023-09-11T12:34:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFFItOZWRKv3+K1VtxCQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMEV8M4R-1U-JSRL
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 60F2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FeVniFgETx6mMjgRadgu8Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FeVniFgETx6mMjgRadgu8Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FeVniFgETx6mMjgRadgu8Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M29J27R2P0ZWB5VW7RHT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FeVniFgETx6mMjgRadgu8Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 60F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOTlhYTNmYmJhZTc3N2Q2YjNlZWM3YzQwYjQxNTA0YmU1Y2YyMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOTlhYTNmYmJhZTc3N2Q2YjNlZWM3YzQwYjQxNTA0YmU1Y2YyMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOTlhYTNmYmJhZTc3N2Q2YjNlZWM3YzQwYjQxNTA0YmU1Y2YyMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 60F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMVL2kxFsCz9xx7YoIH7pFQ&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMVL2kxFsCz9xx7YoIH7pFQ&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMVL2kxFsCz9xx7YoIH7pFQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 60F2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame 9312 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1717d1affadf020e2959dd0b4358cf86bc8efe105b42242256248ced40ed88bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131764
x-xss-protection
0
server
cafe
etag
14375934505220150716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 2582 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 06:26:12 GMT
etag
8554266389219770021
expires
Mon, 25 Sep 2023 06:26:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aWUteWFuLWZ1LWJpbmctc2hpLXFpLWtvbmctc3UteWktc2hpLXlhby10dWkteGl1LWJpLXpodWFuLXpoZW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWZiZGJhNzFkLTM1YjMtNGM3Ny1hYjVhLWI0NDMxYzA0Mjc5YyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI1MGNhZDBkZi0zYjZkLTQxYmMtYjAxNi0wNzdjZDI0YzcyYzkiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk0NDM1NjUzNzQ1LCJiaWRzIjpbeyJjcG0iOjAuMDMsImFkSWQiOiI3NTFlZWRiMWIxNDhjMDMiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNDEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0NDM1NjU0MTAyfSx7ImNwbSI6MC4wMjM1NjIsImFkSWQiOiI4MjM0ZTU5YzJjYjliZDkiLCJvcmlnaW5hbENwbSI6MC4wMjc3MiwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDIzNTYyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo1MjUsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0NDM1NjU0MzAyfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6InJ1Ymljb24iLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc1MWVlZGIxYjE0OGMwMyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTd9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjUwY2FkMGRmLTNiNmQtNDFiYy1iMDE2LTA3N2NkMjRjNzJjOSIsInRpbWVPZkF1Y3Rpb24iOjE2OTQ0MzU2NTM3NDUsImJpZHMiOlt7ImNwbSI6MC4wMiwiYWRJZCI6Ijc2ZmFiOWVjNjY1OWVlYiIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzQzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDQzNTY1NDEwNH0seyJjcG0iOjAuMSwiYWRJZCI6Ijc3MTc1YjM1ZTYxZTM0NCIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNTcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0NDM1NjU0MTI2fSx7ImNwbSI6MC4yNSwiYWRJZCI6Ijc4MmUyMWY5ODc4NmFkZSIsIm9yaWdpbmFsQ3BtIjowLjI1LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMjUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM1OCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQ0MzU2NTQxMjd9LHsiY3BtIjowLjM3LCJhZElkIjoiNzk0ZWQ0MTZlZjVkOGM3Iiwib3JpZ2luYWxDcG0iOjAuMzcsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAzNywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzU4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDQzNTY1NDEyN30seyJjcG0iOjAuMSwiYWRJZCI6IjgwZGI0NmNkNzc2NjI0ZSIsIm9yaWdpbmFsQ3BtIjowLjEsImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjozNTksInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0NDM1NjU0MTI4fSx7ImNwbSI6MC4yOSwiYWRJZCI6IjgxM2ExYmM1MDViNmM2YiIsIm9yaWdpbmFsQ3BtIjowLjI5LCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMjksImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM1OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQ0MzU2NTQxMjh9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoidGVhZHMiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc5NGVkNDE2ZWY1ZDhjNyIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAzN31dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3498.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:14 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=11593&tvi50=11906&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
71
date
Mon, 11 Sep 2023 12:34:14 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59185
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230134-FRA
pragma
no-cache
server
nginx
x-timer
S1694435655.750670,VS0,VE71
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2213891146708900&correlator=1778811102597624&eid=31077771%2C31077596%2C31077232%2C31076771&output=ldjh&gdfp_req=1&vrg=202308240102&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&arp=1&abxe=1&dt=1694435654734&lmt=1694428454&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=1931317642.1694435653&ga_sid=1694435653&ga_hid=1819538051&ga_fc=false&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&dlt=1694435652604&idt=519&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.37%26hb_ap_adid%3D794ed416ef5d8c7%26hb_ap_bidder%3Dteads%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3805778231&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e554893a505573c13f0352ccbcb540e4c86d6227cd4d2ff6777daae526419da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11609
x-xss-protection
0
google-lineitem-id
5221733924
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440838524
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		135 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2213891146708900&correlator=1778811102597624&eid=31077771%2C31077596%2C31077232%2C31076771&output=ldjh&gdfp_req=1&vrg=202308240102&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&arp=1&abxe=1&dt=1694435654737&lmt=1694428454&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1931317642.1694435653&ga_sid=1694435653&ga_hid=1819538051&ga_fc=false&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&dlt=1694435652604&idt=519&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D751eedb1b148c03%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv5_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c777240007305de987170016f443e7911ea31a8d4e08814db5eefe46fca73ea
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKUzNrIooEDFbEEVQgdiokHQw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7132700366679474911/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKUzNrIooEDFbEEVQgdiokHQw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7132700366679474911/index.html
date
Mon, 11 Sep 2023 12:34:15 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50460
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame D15C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:34:26 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 23:29:48 GMT
x-content-type-options
nosniff
age
219866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Sep 2024 23:29:48 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 04:05:52 GMT
x-content-type-options
nosniff
age
203302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 04:05:52 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ Frame B287 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e99293bec7097e1d648165f751e353a81786c3e7cc7d34c33736c1d498375486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131765
x-xss-protection
0
server
cafe
etag
5462182406461369005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:14 GMT
480_650.mp4
cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/ 		148 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 11 Sep 2023 12:34:14 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame A95D 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
579519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DC32 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 11 Sep 2023 13:22:16 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6050:e3cc:2cea:ee57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EveGllLXlhbi1mdS1iaW5nLXNoaS1xaS1rb25nLXN1LXlpLXNoaS15YW8tdHVpLXhpdS1iaS16aHVhbi16aGVuLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGllLXlhbi1mdS1iaW5nLXNoaS1xaS1rb25nLXN1LXlpLXNoaS15YW8tdHVpLXhpdS1iaS16aHVhbi16aGVuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Mon, 11 Sep 2023 12:34:15 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=88, ak_p; desc="1694435654958_34831774_514012151_9557_1139_29_0_219";dur=1
content-length
555
expires
Mon, 11 Sep 2023 13:34:15 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 0FDA 		492 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3749438291413053&correlator=1487293593092200&eid=31077747&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694435654962&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=fp4x7xwib7at&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qOAqvP1mQ1ctWEFuMsrQkzAhaYmR2vP7rXm55D0-c-mYRC8ssP1XaKGog-zLUyJRVu8hZcc1HSaD9tDD6IxpfpvoFphh_pDmDnyezu2ZHeo2hoV20DgAmRKPbJQjEOB2_BMi9ar740p7Bq8eqRPkTYLn-rUcRMiV8XV&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1032323774.1694435655&ga_sid=1694435655&ga_hid=645988149&ga_fc=false&dlt=1694435654259&idt=489&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a11a0e3f3d72fb3cc58ab15a8c7339dc909575a81d970bbe69999a5214feb615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0FDA 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2b2b9125d11f0e26ab246c5f82d9a181e99441c4a6172b0a8a035070dd07da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11754
x-xss-protection
0
container.html
104ebd0ebba7900dd8a9c965df094f7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://104ebd0ebba7900dd8a9c965df094f7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
expires
Tue, 10 Sep 2024 12:34:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 11 Sep 2023 12:34:14 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
22009
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230134-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1694435655.980836,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
16
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
18733
cookie.js
partner.googleadservices.com/gampad/ Frame 9312 		210 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21ca97669f2b009e6f2e26f17f09d995dbb18a1f6afe45131a2c6ccfe66484de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ABB7 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29009306e563339178f58b0b5095eb91dcc0a9d203122e35ea73569e449f80e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15612
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/ 		152 KB
152 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16744448-

Response headers

Date
Mon, 11 Sep 2023 12:34:15 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16744448-16900083/16900084
Connection
keep-alive
Content-Length
155636
HEZH7OU%2B6Qrl56p7MxCNV8%2FVN1uazh6er0BXi5o3hqyHTOEhcXycnNXEsO0GmpM5JnUdhix4%2FK17m9dlSRJ9M%2BxNCIOH6sFWbFeu%2F%2FCHkdf7PcN4A%2BWXaCu4hOfQmXRAG6HdT25FRJk84bag9skSVI5JHOByQgPZ95CgJHoMs8e0iR4sn1xFggS...
ad.vidverto.io/delivery/video/pod/ Frame 5C27 		46 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/HEZH7OU%2B6Qrl56p7MxCNV8%2FVN1uazh6er0BXi5o3hqyHTOEhcXycnNXEsO0GmpM5JnUdhix4%2FK17m9dlSRJ9M%2BxNCIOH6sFWbFeu%2F%2FCHkdf7PcN4A%2BWXaCu4hOfQmXRAG6HdT25FRJk84bag9skSVI5JHOByQgPZ95CgJHoMs8e0iR4sn1xFggSUTKwGAANpN%2FA7gjlfRKOh%2FQxK9IlWOPMIZmBVphe%2Fr1ZFcK%2BRrgY4ZWdH02ddyxe75J7GpiBbaesbx8dOtqBpyW%2FcClPS8MHdzg%2Fm%2FA3FqPck9Z8J22bK4oBQRxwuJAT6bT3AXeT4k6mxLWXFtwlndggOHCGOf2d97QGuR%2FrCwa3l%2F0Gpg37vIiT7Sfqmkc%2Fty6LCnapovNXxlGOY42I2Xes5x5zoVBjMucFTd7nW6pRxOWm6%2FzqwSKHP3cEcwIyJxEAzUTi0XCJspWbQqV%2Fhwdc%2FtzfGUMRXqNaEMWvNQIaLWDa1JRqlupplwshislElD7Zbs6TPGORQcFB4BKOHFCc3VbX1QSIZ3mntKwUn0mZ9voaEF9y2jiHlsvPX59q0v7zVf%2FRfrIM2nsIAwS5Zf94Rc3%2BIguDm5YL1LeQCtz%2FtgSgamNLhB5btnYFKHaOhVFVMTKFzlNG8bhfjYKd8CCXJgU2xiFEvihXJ5HDry2o6Rml1mF6Cbi0EsMBFt29RLR8KlWkWRUUrGy6kOFcdoSYHcGoXJI3iX3If59MWnPuba1e74Sw%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9187146417c2af2c6469fcb4cccc46579fd23918c6743e2ba13e9e6d025f2a38

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ Frame 472C 		492 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=845653870775387&correlator=2567196448009754&eid=31076479%2C31077748%2C31077771&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694435655119&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=5or2czcs7lw4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qOAqvP1mQ1ctWEFuMsrQkzAhaYmR2vP7rXm55D0-c-mYRC8ssP1XaKGog-zLUyJRVu8hZcc1HSaD9tDD6IxpfpvoFphh_pDmDnyezu2ZHeo2hoV20DgAmRKPbJQjEOB2_BMi9ar740p7Bq8eqRPkTYLn-rUcRMiV8XV&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=963416408.1694435655&ga_sid=1694435655&ga_hid=108526028&ga_fc=false&dlt=1694435654295&idt=653&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efd960956aea12e71501815f5943601d5ed9baddabfb94e1d07ddaaddc3ada82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 472C 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bda4c3576652ddbd1d5ae3fc9bf1e960d2a87a15f8780443d8029db45e005bbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11765
x-xss-protection
0
container.html
5f46b4dda7d494b425316c7180c2bfe6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31C0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5f46b4dda7d494b425316c7180c2bfe6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
expires
Tue, 10 Sep 2024 12:34:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0FDA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 12:34:15 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03980ff5b77ec2cd9220085ed6ddab54282db4c8cb7081702efe5a6371290ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90901
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Sep 2023 12:34:15 GMT
csi
csi.gstatic.com/ Frame 5C27 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmev8mrb&c=1234989831690&slotId=617494915845&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4002:816::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8FF3 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-37491243461962603652&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3278&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=4007446&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&ga_hid=1819538051&dt=1694435654786&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&bdt=2182&dtd=120&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame B287 		210 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887f57c3953bee72a6bfa8ec7a0cb687c601ce99a16b08a42014d8521dc564ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
195
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 102A 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
080a3460248357fbb435bae35f0527d425228119315f9d5f65a2a9b2dde3bddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15704
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 472C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 12:34:15 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5C27 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3680466766299074&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FBBXffsIs60OI88dHK70Oug%3A1694439253%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=216613D4-9C83-4F14-99BD-7E0501CFE137&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=1694435655312&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&scor=419082383633430&ged=ve4_td2_tt0_pd2_la2000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx3.adform.net/adx/ Frame 5C27 		65 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 5C27 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3680466766299074&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FBBXffsIs60OI88dHK70Oug%3A1694439253%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=216613D4-9C83-4F14-99BD-7E0501CFE137&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=1694435655317&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&scor=419082383633430&ged=ve4_td2_tt0_pd2_la2000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 5C27 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3680466766299074&cust_params=mt_fln%3D1.8&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FBBXffsIs60OI88dHK70Oug%3A1694439253%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=216613D4-9C83-4F14-99BD-7E0501CFE137&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=1694435655319&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&scor=419082383633430&ged=ve4_td2_tt0_pd2_la2000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5C27 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3680466766299074&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FBBXffsIs60OI88dHK70Oug%3A1694439253%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=216613D4-9C83-4F14-99BD-7E0501CFE137&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=1694435655321&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&scor=419082383633430&ged=ve4_td2_tt0_pd2_la2000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 5C27 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3680466766299074&cust_params=mt_fln%3D1.3&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FBBXffsIs60OI88dHK70Oug%3A1694439253%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=216613D4-9C83-4F14-99BD-7E0501CFE137&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=1694435655324&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&scor=419082383633430&ged=ve4_td2_tt0_pd2_la2000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5C27 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3680466766299074&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3951846657&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FBBXffsIs60OI88dHK70Oug%3A1694439253%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=216613D4-9C83-4F14-99BD-7E0501CFE137&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=1694435655326&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&scor=419082383633430&ged=ve4_td2_tt0_pd2_la2000_er1171.240.1172.960_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 66B2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 11:07:49 GMT
expires
Tue, 10 Sep 2024 11:07:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7520 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9f4e2271452dabdf81f1d45271f5146fed6eb9549cff3a436f059d3b343a8b9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pfJup9NqRiC-l77X5DqjJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-pfJup9NqRiC-l77X5DqjJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
expires
Mon, 11 Sep 2023 12:34:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame AFFD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPP5w0_ytunZx0p5wSfcGKoRF6UTFXygcxB-FF6QSrZsCGtni7-nGmPd7TfroqpNQiRn1IFfLV8_5saIVdfq3HjydyrMux1Br25j4TVg5m7aCf0b2MxmJ0kDiTwl4zUWenAWO2Zg1_f8uUamuInG75MW1DwCOg3i28_pHEUNm8jklWTUNYdIDYlz37_iOV81TArVVeg-LspW-tpA6po7q49XwSaU3wo5K4MJp044i4UQRFvI8WcPIY6EVqwCGXE5O7valLgUujLm-uUNuBm4cH0ctbSBO4zFBi5PkzbXB3ed3diROwnioyx8w1OLJ0im7l&sai=AMfl-YQ7Z-GdOiOrPtQDJiiZgQ8isbjl99W7jFQIIvopash8AQIzWaOBM4hgji846Mg-jcFdW09_T8jXIPMelGM9pok2b5MYwb-tNg91rrxUnkL-AclLvtVJ8TDzq0MBDQ&sig=Cg0ArKJSzG1QKa-qI0PgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6050:e3cc:2cea:ee57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9
a.teads.tv/hb/ad/ Frame AFFD 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/ad/6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
138625f595068cf9e2029e0a671fa322727c326935c09177fa95af0cacf17a49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2708
expires
Mon, 11 Sep 2023 12:34:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AFFD 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:15 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aWUteWFuLWZ1LWJpbmctc2hpLXFpLWtvbmctc3UteWktc2hpLXlhby10dWkteGl1LWJpLXpodWFuLXpoZW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWZiZGJhNzFkLTM1YjMtNGM3Ny1hYjVhLWI0NDMxYzA0Mjc5YyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6InRlYWRzIiwicmV2ZW51ZSI6MC4wMDAzNywicmVzcG9uc2VUaW1lIjozNTgsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6InRlYWRzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAzNywid2lubmVyQWRVbml0SWQiOiI3OTRlZDQxNmVmNWQ4YzciLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4MjUwIiwicHJlYmlkQXVjdGlvbklkIjoiNTBjYWQwZGYtM2I2ZC00MWJjLWIwMTYtMDc3Y2QyNGM3MmM5IiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4205.700000762939
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=1819538051&cid=1931317642.1694435653&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1694435655&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E3%80%80%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A075 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 11:07:49 GMT
expires
Tue, 10 Sep 2024 11:07:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 253B 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b1aec371e50cb6ae5417c2c38e07b2799277349de05c913717ff1eaa6ca50168
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6zTMvjZo3dqhwO83vzzM3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-6zTMvjZo3dqhwO83vzzM3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
expires
Mon, 11 Sep 2023 12:34:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
teads-format.min.js
a.teads.tv/media/format/v3/ Frame AFFD 		600 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/hb/ad/6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e1802ceb852ade19f434f5821583a7c0bfcbd0d594e07328de4efc930f8c256

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
br
last-modified
Fri, 08 Sep 2023 09:28:31 GMT
x-amz-request-id
ZM6ZP5749WVWMXEP
etag
"60d17bc1c7f83d19ce6d05f301e4b230"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
d
accept-ranges
bytes
content-length
134038
x-amz-id-2
HaE90ZIlvpW7yEMueo/Kw9F1K+PkGxtulJiJWPe4PtYlT/IQlmAGTwlLArepW6nidYfgIrJ/GnQ=
expires
Mon, 11 Sep 2023 13:04:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7520 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=3749438291413053&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 66B2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:34:26 GMT
truncated
/ Frame AFFD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
806aaa3d6a2171a9af44c62f60883f1704859e40ffef985e717db88fa093d26d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73C1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:13 GMT
expires
Tue, 10 Sep 2024 12:34:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/ 		164 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=163840-

Response headers

Date
Mon, 11 Sep 2023 12:34:15 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 163840-16900083/16900084
Connection
keep-alive
Content-Length
16736244
sodar
pagead2.googlesyndication.com/pagead/ Frame 253B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=845653870775387&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame A075 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:34:26 GMT
iframe
sync.teads.tv/ Frame 484F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
efe1978a364bdec200bc125dabba51d891794514c733e52bae2d55be674e192a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
739
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:15 GMT
expires
Mon, 11 Sep 2023 12:34:15 GMT
pragma
no-cache
server
akka-http/10.2.10
vary
Accept-Encoding
nurl
a.teads.tv/be-ms/ Frame AFFD 		28 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/be-ms/nurl?payload=GISpCiCynEMov-U-MpMBCQAAAABgzHY_IZqZmZmZmek_KJG1psoPMl8qFAoQCI7KJRIDVVNEGgVzdGFydBgBOiEKAmF1GIC1GCIDVVNEKgppbXByZXNzaW9uMJfxHjiX8R5CJAoCdHMSBTEwMDAzGhMIABIDVVNEGgppbXByZXNzaW9uIgJhdTiH43RYBWCH43RwxPHOCnj36owLkAEAmAEAOAFCA0NIRkgBUABYAHIGanMtd2VieACAAUiSAVYIBRD0BRjBTyCfjwMqBDQ2MDAw____________AToEd2lmaUIPbTI0NyBldXJvcGUgc3JsSgE_Ug1ldXJvcGUvenVyaWNoWgVvbHRlbmIHc2Nod2VpepoBCnd3dy5iZzMuY2-gAQKoAQO4Ac83wgEGcHJlYmlk4AEB-gEyEi4KFQjYj72lvfiR2WwQj9bmzILo5K2vARIVCJ6ZqY-s6JbaUBC565ux-Yq2w58BGACAAt7y8KGoMYoCB1dpbmRvd3OSAgQxMC4wmAIAqgI2QURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhsgIaChYI4JupvuOp2tDdARDO5JSyjKbb0LUBIADYAgDgAgDxAvF_3eRUjeY_-AIBgAMAogNZaHR0cHM6Ly93d3cuYmczLmNvL2EveGllLXlhbi1mdS1iaW5nLXNoaS1xaS1rb25nLXN1LXlpLXNoaS15YW8tdHVpLXhpdS1iaS16aHVhbi16aGVuLmh0bWyoAwCyAwJjaLoDBkNocm9tZcADWcgDANADAPIDDTQ1LjEyLjIyMi4xNzKABAA=&auction_currency=USD&pscid=20204&scid=7024&sid=174681&auction_price=gyESwWwMDG7UFtnYfV0egXytytyAHE6d5IJp0rZdFY1yNg&psid=415253&checksum=-699952526
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6fbe38425cb794a7cb47bc9259ed531b5975af24da1c7fc9679c96e5192ec4fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
content-length
29031
expires
Mon, 11 Sep 2023 12:34:15 GMT
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=hbSlotAvailable&pid=169092&pageId=154680&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&pfid=72&env=js-web&ut=1&cid=1101362&gid=1028799&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&sid=174681&scid=7024&hb_provider=prebid&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&pscid=20204&psid=415253&cost=d1xEJCsGmqIBbvXLFJdvKzGw&cost_curr=USD&analyticsOnly=false&brid=7119&ad_source_id=128&dsp_campaign_id=1028799&dsp_creative_id=1101362&fms=9&p=URwql-FFplnWnTl6DM1xb4iYJeO8GJEWFVItLSDpOEulFbVhGBODRx7kTUlr7JuY3rg&cts=1694435654039&cs=-44274355901294854205&1694435654039&slot=native&hb_w=300&hb_h=250&fv=1247&ts=1694435655638&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pageId=154680&pid=169092&hb_provider=prebid&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&slot=native&pfid=72&fv=1247&ts=1694435655644&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		68 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
283044cabced3f3b05b6da4851170917bce4acf47453176876732ed9806f1eee
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
152569
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
17312
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 18:11:26 GMT
expires
Sun, 08 Sep 2024 18:11:26 GMT
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 73C1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:18:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
18937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 07:18:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 73C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 07:20:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 73C1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
22074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 06:26:21 GMT
csi
csi.gstatic.com/ Frame 5C27 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmev8n5i&c=1234989831690&slotId=617494915845&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4002:816::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5C27 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame 5C27 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmev8nir&c=1234989831690&slotId=617494915845&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4002:816::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5C27 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A1A7 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 19:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
60490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 11 Sep 2023 19:46:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A1A7 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 02:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 12 Sep 2023 02:17:36 GMT
7dd732d0-458b-11ee-b8ab-e36d8956f1ce
s8t.teads.tv/vast/ Frame AFFD 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vast/7dd732d0-458b-11ee-b8ab-e36d8956f1ce
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
bbae06f57e958696497b6ed11a85970c147d4c349d3080487b219d962b47b309

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"8f2-ubkUPK81+EUAAlRqJHkmSaiDx2U"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-methods
GET,POST
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
1034
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5C27 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5C27 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
l
www.google.com/ads/measurement/ Frame 73C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlMRo_rT7C_Js_abCuas0aA69egyGITqttjsVn-zVHPZ8P3d_yxvWQtouGr4OaJgMAqHu5MJPcmOB6E6rlUITpgXLG2g
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73C1 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:15 GMT
truncated
/ Frame 73C1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78cee030549a70495516a27e204f36c7b0b946324d1842487634dec78c863fc8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 66B2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?W3K1eA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 484F
Redirect Chain
  • https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhMTY5NGUtMzdjYS00ZGUwLWI1YTEtNmQzMGM2NDUzMjRl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhMTY5NGUtMzdjYS00ZGUwLWI1YTEtNmQzMGM2NDUzMjRl
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZGRhMTY5NGUtMzdjYS00ZGUwLWI1YTEtNmQzMGM2NDUzMjRl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 11 Sep 2023 12:34:15 GMT
generic
match.adsrvr.org/track/cmf/ Frame 484F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1694435655792
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
sync.teads.tv/ Frame 484F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1694435655792
  • https://sync.teads.tv/um?fp=1&eid=80&uid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?fp=1&eid=80&uid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 11 Sep 2023 12:34:16 GMT
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.teads.tv/um?fp=1&eid=80&uid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
936073
content-length
0
expires
Mon, 11 Sep 2023 00:00:00 GMT
um
sync.teads.tv/ Frame 484F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/teads/dda1694e-37ca-4de0-b5a1-6d30c645324e?gdpr=0&gdpr_consent=&_t=1694435655792
  • https://sync.teads.tv/um?eid=132&uid=y-_lNNhCtE2oSG4ybdf7viNSTPZVRHSb5L5FI-~A
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=132&uid=y-_lNNhCtE2oSG4ybdf7viNSTPZVRHSb5L5FI-~A
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 11 Sep 2023 12:34:16 GMT
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.teads.tv/um?eid=132&uid=y-_lNNhCtE2oSG4ybdf7viNSTPZVRHSb5L5FI-~A
content-length
0
/
loadm.exelator.com/load/ Frame 484F 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=dda1694e-37ca-4de0-b5a1-6d30c645324e_eu_ch&gdpr_consent=&_t=1694435655792
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
44858
tags.bluekai.com/site/ Frame 484F 		62 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/44858?id=dda1694e-37ca-4de0-b5a1-6d30c645324e_eu_ch&limit=1&gdpr_consent=&_t=1694435655792
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 11 Sep 2023 12:34:16 GMT
content-length
62
content-type
image/gif
474599.gif
idsync.rlcdn.com/ Frame 484F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/474599.gif?partner_uid=dda1694e-37ca-4de0-b5a1-6d30c645324e_ch&cv=&_t=1694435655792
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g.pixel
aa.agkn.com/adscores/ Frame 484F 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=dda1694e-37ca-4de0-b5a1-6d30c645324e_ch&_tid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gdpr_consent=&_t=1694435655792
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.25.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-25-174.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 484F 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=dda1694e-37ca-4de0-b5a1-6d30c645324e_ch&gdpr_consent=&_t=1694435655792
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1694435656
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
sync.springserve.com/ Frame 484F
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
  • https://sync.springserve.com/usersync?aid=1000024&uuid=dda1694e-37ca-4de0-b5a1-6d30c645324e
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000024&uuid=dda1694e-37ca-4de0-b5a1-6d30c645324e
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Server
54.154.20.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-20-43.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Sep 2023 12:34:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://sync.springserve.com/usersync?aid=1000024&uuid=dda1694e-37ca-4de0-b5a1-6d30c645324e
cache-control
max-age=0, no-cache, no-store
content-length
164
expires
Mon, 11 Sep 2023 12:34:15 GMT
report
sync.teads.tv/um/ Frame 484F
Redirect Chain
  • https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGRhMTY5NGUtMzdjYS00ZGUwLWI1YTEtNmQzMGM2NDUzMjRl
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by
Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=169092&gdprIab={%22reason%22:240,%22status%22:24,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&hb_provider=prebid&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&1694435655641
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.teads.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Mon, 11 Sep 2023 12:34:16 GMT
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AFFD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN7ZBDNVhs2Uf82aOpPkx4JDpJ9glk9Go2kjtWN1DW93Huusj534nGFdExuGf4bCvqjMRpB-Cp_M_GonaebOj-4MXl0wExTUD42u0SYLH38-FS_62FiDrij05vt8YQH-qeGSPe447XeZEczwR2v3x3ot6VID8-QOHRT6iNags2-C7cZYvJFy0YcA9-K3yWUejkuQnBP0mRW_DwT4rX5LKpEFQ48ilE3b9ZhY2xPQi0h8vkpuemHEF7pBSQbP8XOZpVe7-NzDjmR4WXINTA8tLRxVz7GLRWb1wRV3oTIRjjVnmO6vueMolmaMp-CtPllEAq8_E&sai=AMfl-YSgNerquxyeJqSXifh6UbGEzThVHgumZf667GKA3no-Z-YpeQK6sLkLCqFpEDbdgoUNWTjvv1gkql8fKwax8u7pACtaQHNeTWbGK33qA2G8oF3wFuSwOSg9_Ed3ug&sig=Cg0ArKJSzMejZajZHbgMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 11 Sep 2023 12:34:15 GMT
csi
csi.gstatic.com/ Frame 5C27 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lmev8niv&c=1234989831690&slotId=617494915845&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4002:816::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5C27 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame A1A7 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:34:26 GMT
text-3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/text-3.svg
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a393eaa516a10f13683c525f9dae11592c60e2004a9b056fe3499c886db187b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Sep 2023 19:18:26 GMT
age
234949
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2304
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Sep 2024 19:18:26 GMT
cta-2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/cta-2.svg
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a98517892b7d4c2822ccbf5ba94dc48bd74547adf954f1172975a87e358cbd2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 18:20:37 GMT
age
152018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3517
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Sep 2024 18:20:37 GMT
cta-1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/cta-1.svg
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5026aec02fea15b7314300cf6269ef40756b0866cf1a39876a7ac688b71de6f0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 10 Sep 2023 16:08:28 GMT
age
73547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2778
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Sep 2024 16:08:28 GMT
text-2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/text-2.svg
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74309922b4df0c2c7a9e39e7ae9f742056458a1d18e9bc05b7902c9e699570de
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 06 Sep 2023 20:25:48 GMT
age
403707
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4323
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 20:25:48 GMT
text-1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		21 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/text-1.svg
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b7b2a773ec223a34c95163b8105950e9815a4a726e7108837e56dc8cc40ac45
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 18:20:37 GMT
age
152018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5117
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Sep 2024 18:20:37 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/logo.svg
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58c008fd490fd9d7a14b3c416ee60338704e28b5ea228cea2263341363368939
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 18:20:37 GMT
age
152018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1042
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Sep 2024 18:20:37 GMT
MCH_Ilmac-bg_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/ Frame A1A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7132700366679474911/MCH_Ilmac-bg_728x90.jpg
Requested by
Host: 19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395faa0cafda34ba9ca0683c77b9f278c1c03069a9b5f7724cf51c33810b269c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 06 Sep 2023 20:25:48 GMT
x-content-type-options
nosniff
age
403707
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12472
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Sep 2024 20:25:48 GMT
generate_204
tpc.googlesyndication.com/ Frame A075 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nvxf1Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame ABB7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 07:20:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame ABB7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
22074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 06:26:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ABB7 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:15 GMT
truncated
/ Frame FDCE 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
performance-single-video
s8t.teads.tv/vpaid-builder/ Frame 0F9A 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/vpaid-builder/performance-single-video?1232
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
ff17b8630719315504de11eb21395948b10ae7bcf47c361f27bdce55472eb763

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"186b4-ax20487VnByVUn0F1fyPANCT7es"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=2087
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
28544
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5C27 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 5C27 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 102A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 07:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18830
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 07:20:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 102A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 06:26:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
22075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 06:26:21 GMT
l
www.google.com/ads/measurement/ Frame 102A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyXecyyCumebvya-oZrPWvXoTlwa8bMnbi7k-Iy4IjQGNYpYvqRiosqdfKAXLtLOOO3E6mrQDexGfFnzcNQWagB6-_Ew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 102A 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Sep 2023 12:34:16 GMT
bridge3.588.0_en.html
imasdk.googleapis.com/js/core/ Frame C557 		721 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
579521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236614
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:35:35 GMT
expires
Tue, 03 Sep 2024 19:35:35 GMT
last-modified
Mon, 04 Sep 2023 19:31:10 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 25F3 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 11 Sep 2023 13:22:16 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2466 		126 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
850c7b2181c7009368f3917622104354545493c6b1a445623ef2d2c1f8dcc732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0j0TwBF1f3OdGv3qZliAyuCQ1BQH4AdyszmCgd4Zjz1Wh0yOlChvYI3xdwlOyEGSYfsDCDKV2o6Uuq2oy0ieq99eDviXrGEX1EY6rE1frRn-oX0BkdBrbpL2jl6SRpf43rHp_NvqYJS-TbchSCdXZKsZjWY56pyvqWNhrr9F7OWSgvSi3_IEFPNx28nvg8C-4PkfP_RNYsGkhbaQnEsuXajOV43BCARvOxl77KlHzBpXJy-5UWXimY8G88Ev-tEtN0pWIw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60932555
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F21 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Mon, 11 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 73C1
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu_htRwn_ZOLUDbGJ1PIPipOemASz8rngcY-LuYTZEciLhZ4LEAEguoTAM2D1lc6B4ASgAajh7KIDyAEJqQJJ9CHsiNmyPuACAKgDAcgDSKoE3QJP0KNI-82jEdN1aKagxd8hoRfytPd2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4f42bc62f6c7a0780000000000000000%22,%222%22:%220xe074b6e847d661b60000000000000000%22,%223%22:%220x77d792...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4f42bc62f6c7a0780000000000000000%22,%222%22:%220xe074b6e847d661b60000000000000000%22,%223%22:%220x77d792cd05be6fd50000000000000000%22,%224%22:%220xec09973066c779700000000000000000%22,%225%22:%220xd363a04b26b7c0220000000000000000%22},%22debug_key%22:%229155305784230816682%22,%22debug_reporting%22:true,%22destination%22:%22https://ilmac.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22878391464%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221187606285425782721%22}&andc=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4f42bc62f6c7a0780000000000000000","2":"0xe074b6e847d661b60000000000000000","3":"0x77d792cd05be6fd50000000000000000","4":"0xec09973066c779700000000000000000","5":"0xd363a04b26b7c0220000000000000000"},"debug_key":"9155305784230816682","debug_reporting":true,"destination":"https://ilmac.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["878391464"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"1187606285425782721"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 11 Sep 2023 12:34:16 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 11 Sep 2023 12:34:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4f42bc62f6c7a0780000000000000000","2":"0xe074b6e847d661b60000000000000000","3":"0x77d792cd05be6fd50000000000000000","4":"0xec09973066c779700000000000000000","5":"0xd363a04b26b7c0220000000000000000"},"debug_key":"9155305784230816682","debug_reporting":true,"destination":"https://ilmac.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["878391464"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"1187606285425782721"}&andc=true
access-control-allow-origin
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu_htRwn_ZOLUDbGJ1PIPipOemASz8rngcY-LuYTZEciLhZ4LEAEguoTAM2D1lc6B4ASgAajh7KIDyAEJqQJJ9CHsiNmyPuACAKgDAcgDSKoE3QJP0KNI-82jEdN1aKagxd8hoRfytPd2q1j7Wj0yVzwK0H1Yaa8W8WNAY7-71gyvmOtKwkW87me1odXJHqemFqJgFBBBnU3obUZAlaZmgZZqA6ZKhlZYdH_TwTI551sic9Kx0u5GD8tr4d2IYszcOD1kBX3-c910__YWmhyjAg4miBMLSrET6Wwly6HebQpUZEDWC-7A4Vi6mo4ySZIom51_qeL9czOv0vMLYX8wXMZ1SUrkewWaTQfA-DNDdBthhH0pRpnecA1omF5waOQcZTIKbdRNd3sUQE1LlGGO9sgQ9tzhqUlObittTyfjjzORBMve-3lT7U_YiUgvN40WOBq2x4Mgh2Mt92WsFF16zTOl-UeFm26Q8u6ehMBsIo8G_tB_IPTxIfRCRuE1u22iMZe57PaJ84rpbFXgmJKJR_kOjYkQyRaVPa5Mpj4lIeMNAcxX3dpgipNUuDqXOYeswASrsdn1qwTgBAGIBdyuw9JKkgUECAQYAZIFBAgFGASgBi6AB8Cek12oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDa3RbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJLWh0dHBzOi8vd3d3LmlsbWFjLmNoL2VuL2Jhc2VsL3Zpc2l0L2NhbXBhaWduL4AKA8gLAdoMEQoLEKCfxZT8sLDltgESAgED2BMK0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=KdC6N-viG2Q&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW3aVz6k-DOUADUxcKtWGHLUfdSPKG5RSdDuzhXoYp8blOuuPcyMYuzjzmqVY9jcnZ9yU9rcE7GAE&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/ 		84 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 11 Sep 2023 12:34:16 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-16900083/16900084
Connection
keep-alive
Content-Length
16900084
afr.php
ads.eu.criteo.com/delivery/r/ Frame C39C 		127 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b85377882900eda490f8f0958453388a21ba8d101e2193e7e540a40e1ecf031e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xecHPRF1f3OdGv3qez0nm4USt6ChkJjJlYFzAHUnYoBjy_MhTMGSc2qUtNWrVkhc_rG7O01Z5wVSQmLR_Xx7mh64xjG9RWbtvXhkpqe5zBF69NmqnxgkW89Nob-LP4Dx56MXCKU1Bz8JzONW5MTIMnPZqIsimc69FA5LN_8OIJCwJ9-kC_TJ6oQDmqg5PEkowiSNYs99RDKDKFyvTc26L0EHpSKLa9qjeOmZq1R8AKUTEUxevwsE6D3XkTNqjHMCuzL7Iw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47257077
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C160 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
74219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Sep 2023 15:57:17 GMT
etag
48472445140208031
expires
Mon, 11 Sep 2023 15:57:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adAvailable-success&env=js-web&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pageId=154680&pid=169092&hb_provider=prebid&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&slot=native&pfid=72&gid=1028799&sid=174681&fv=1247&ts=1694435656246&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
truncated
/ Frame ABB7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
029bdff55dd57172035b8fffea0b4ec78250a925ecef0011b8369da909e8ee47

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4f42bc62f6c7a0780000000000000000%22,%222%22:%220xe074b6e847d661b60000000000000000%22,%223%22:%220x77d792cd05be6fd50000000000000000%22,%224%22:%220xec09973066c779700000000000000000%22,%225%22:%220xd363a04b26b7c0220000000000000000%22},%22debug_key%22:%229155305784230816682%22,%22debug_reporting%22:true,%22destination%22:%22https://ilmac.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22878391464%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221187606285425782721%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:16 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame C39C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C39C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C39C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 05 Sep 2024 12:34:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C39C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 05 Sep 2024 12:34:16 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame C39C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JWL4pB0rqOpHnIth6-Awl8Qw4fgLpn6HSHnoDlbVgW5gQQsdxeBEDjdZHcMy4qp8y4Fi7AugdbTOWnq_1gEEU_DkBUzhlNbnYNYEIVTVD3qVgBGRtUezooJ7fBX22yJp99Gv5pqnXcLZcOTUiUODeYjvEYgJwRgzqjP8o_M4XkJr3Et5zu6ZsABIOgRH6xCTyLCyZhom4nwYtEoBBTbO2XDINjqjO8rafGJJo2BXr_3pE4g-Vf5Hu6peR27-SRbZdUNbJI7M8m4vCp53csXAKicz4H29Ljx0eFrt5GeEqF6ggKPMeRzqutaQUbxTVO-TSDJJzVbIpKLBJSBYPqSdWdNOfB6DaUh16sb8FP28t49g-CDaQHpWiQ1lOmgsbwr739zCjC5PzkoiIZHURou4u7s3n26vikKsowudWQgFP3V0i-jdpN0yeaO9arWvkuxny_swNKPa0jx60UcVAvIVqH11Ju2FVe_ZrGE5aLG3a_akrHQMwxxP3ED8DrXWEZ8POB8Z9Fr2_8QegpepIloE37KASjlWgMTG-Di81_MCrhXIIAhQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2272683
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F21
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmQ6nzGL-beta5H3YfjpUaXJhV4s5vKw3VcBoEcoqSN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmQ6nzGL-beta5H3YfjpUaXJhV4s5vKw3VcBoEcoqSN4gS7jnJOWCszziJQf56GR1WOj9evDcWvKsWv1sAhGimknWpLRbBbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmQ6nzGL-beta5H3YfjpUaXJhV4s5vKw3VcBoEcoqSN4gS7jnJOWCszziJQf56GR1WOj9evDcWvKsWv1sAhGimknWpLRbBbQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 6F21
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9L...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
804ff1a649d65272-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
266
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8ElVHG5aUiM1kXwZvp2dzl4aTzaiBqunBHXP9vYBiyMq_Gxb4dZX1sKG3p_QLugpKikDE5Sch1st76ej6onXgdfmL_9LO%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
804ff1a4f8035272-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F21
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELuMQOabAOMo4tMFZVdAY5E&google_cver=1&google_push=AXcoOmRW2U0Me8V4xioJZ8YN945D2BjKGB4c9JJEAvZoBhzp0dmmY8U7qxX7jM7cwciU2ylpGIzerniAJByCEGiZZsB4KUdG5Neg
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6F21
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmTAsM2l_wJFPnOHHE-EcidtK6GF3IZJU5dGEjNRtzjmCNpXZQE8evWh2q4kbfPOXojkR0QlvXf1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmTAsM2l_wJFPnOHHE-EcidtK6GF3IZJU5dGEjNRtzjmCNpXZQE8evWh2q4kbfPOXojkR0QlvX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmTAsM2l_wJFPnOHHE-EcidtK6GF3IZJU5dGEjNRtzjmCNpXZQE8evWh2q4kbfPOXojkR0QlvXf1Cx_ow6_8Hla9sjTzI54
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmTAsM2l_wJFPnOHHE-EcidtK6GF3IZJU5dGEjNRtzjmCNpXZQE8evWh2q4kbfPOXojkR0QlvXf1Cx_ow6_8Hla9sjTzI54
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6F21
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPx65T5jvdeR08WW4YRIoc8&google_cver=1&google_push=AXcoOmRr0SbHW5o-GLkyq0opAooVTEGhiItmQkwIOBPzh-H6_U1pjGeUVtLZ07tUnNuYxOLhl8qK4t...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRr0SbHW5o-GLkyq0opAooVTEGhiItmQkwIOBPzh-H6_U1pjGeUVtLZ07tUnNuYxOLhl8qK4tPqx8pKlVsgD5XxjwqIol0W&google_hm=NjAyODU0Mj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRr0SbHW5o-GLkyq0opAooVTEGhiItmQkwIOBPzh-H6_U1pjGeUVtLZ07tUnNuYxOLhl8qK4tPqx8pKlVsgD5XxjwqIol0W&google_hm=NjAyODU0MjM5MDY3NjQyNzM5Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRr0SbHW5o-GLkyq0opAooVTEGhiItmQkwIOBPzh-H6_U1pjGeUVtLZ07tUnNuYxOLhl8qK4tPqx8pKlVsgD5XxjwqIol0W&google_hm=NjAyODU0MjM5MDY3NjQyNzM5Ng%3D%3D
date
Mon, 11 Sep 2023 12:34:15 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6F21 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6Ro9BHWNQRysfVBuyIsR78ha2E_MJlo4y3zaOjeQXDU8UonR1aBokbG8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2466 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2466 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2466 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 05 Sep 2024 12:34:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2466 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 05 Sep 2024 12:34:16 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 2466 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CsX9yB0rqOpHnIth6-Awl8Qw4fgF0BJySt8k-gEfq1R8BXfYGvSs5UvQ_-T97oq5yc7e8z62i-KId92BubC20UHm5TpLhBfXLZwmgYN2NwZm9frHzWSVLvvtVZSJYRzUj69ct7wlmmPR3kBMXM47GgvePrWTxf7g28DYzQG3twt15KxV-Et2lb3XSEkpX5S2OThyDkQ4jiTs3gb1VqznFlQk938w89x3xYA9cCbyPqz3EoBj3QFe9JKLzz6Gt-gXzK0JR1eQaDOwedGfuDCLtSGdisSDOattFUJBGk_cbgWaJjF1_fqlEV__hFqavepXLJDy-mXaRjYMyr2uN89LiO8glFIEd0qNTWXDNsEf40FBjkOgarI_jp6fv-dV2LUTKnhMcFhFt2xPHyYAGR_KXx1-Zl62iheeCe2strMCW9Fc3r3PoyD4uvnE9SGu4RvE77HcEYpobBBdCf4CF9V26Yk87LJo9EpPcOgkYA-Whta_OAiS-UeSVlwEdYl5f0-gtBqG0TOanBhXFKHKDCfhHNlFFjyy7rdAahhBFb1Tl3LqVEVB
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2506115
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C39C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2047498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73JPqCvURaYtDll9pMvkBmB1CFtpdn3AIDPljDVH7jmGpmB2I3Aq9Zh8C8yA%2FmE5Azugh2uTwNb81%2F4vRTtbdr5RKnVqvR8ZlzzrG8zW2YmpJDLFZOc47c9F4Pv9yGycVp%2F%2FZFEFEiXsx1zljkC%2FgBIx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
804ff1a5599e526e-MXP
expires
Sat, 31 Aug 2024 12:34:16 GMT
animejs.js
static.criteo.net/animejs/ Frame C39C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
truncated
/ Frame 102A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca3e6fa3507a8a74f0619f6a77ec0839c05c4d7195393bea5e53f329ddd9b50f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo.high.jpg
s8t.teads.tv/creative-7dd732d0-458b-11ee-b8ab-e36d8956f1ce/ Frame 0F9A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s8t.teads.tv/creative-7dd732d0-458b-11ee-b8ab-e36d8956f1ce/logo.high.jpg?c3e3aad7ea638fdbb5502c9c00f3904b
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9b8fb907c5fb5e5c1dbd483e15a293407065789bb4094b1707b70bd94040d70b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
x-amz-request-id
XMMQ1FFB5AE4B7Z6
x-amz-server-side-encryption
AES256
content-length
3653
x-amz-id-2
EDfjlhSObGoJur8+xnuv9VFueB4V1UyKUNEuvqaoYAsREhbeOm9WsKB/F96+HVAFYxo7yagFQOA=
last-modified
Mon, 28 Aug 2023 10:13:12 GMT
server
AmazonS3
etag
"f58b397429c3bff8892ce54a504e5bde"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 10 Sep 2024 13:40:56 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2466 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2047498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAy9o7zjZWcILfwiCofGbXYanOXYH2xdWyJyTcArQaf%2FejRUWQ2hdf%2FsC6WbePlort18ob88M1%2F7L9QbRaUODE7iv6Ptw5Ek5ehzC9DDL6o0U9F2K0Q91FToJ4imjLrq70737D6%2Bz9YVVYo5PpfxNOmB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
804ff1a559a2526e-MXP
expires
Sat, 31 Aug 2024 12:34:16 GMT
animejs.js
static.criteo.net/animejs/ Frame 2466 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
pixel
cm.g.doubleclick.net/ Frame C160
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmS0CxfPUMK1LkfTM3tTENjhmW6uz7d4O2E_ntGBeEK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmS0CxfPUMK1LkfTM3tTENjhmW6uz7d4O2E_ntGBeEKtqrYsvnSAdBp6hDAivcLcPiHQntcqd-VdtAB7KGao2-VTAcqRj56o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3lIb2lEdnYxUUZHN201&google_gid=CAESEPfOl1hm4CI34Ui5bmBoBa8&google_cver=1&google_push=AXcoOmS0CxfPUMK1LkfTM3tTENjhmW6uz7d4O2E_ntGBeEKtqrYsvnSAdBp6hDAivcLcPiHQntcqd-VdtAB7KGao2-VTAcqRj56o
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame C160
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA...
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
804ff1a6ead25272-MXP
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1581
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDc2nLbVJXS8T2tE2ICwbK4&google_cver=1&google_push=AXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRp1VP47H4GYUnlEAeDcBgc8KWOaAxiGal3Gy-v687O_oE-H2sqmX0pP_9XDCXm9iHUeV8aCmukNQ-WGBrPZ-7xlvFjQcA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
804ff1a568b35272-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C160
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELuMQOabAOMo4tMFZVdAY5E&google_cver=1&google_push=AXcoOmQDqEkwXyI98yhpz9Wm1K9RVSUyLUI1bAQ5BRjsnTRNVw6WfAsvyDEXYynXXi3QZqLKDULObZfBgTLyQ3Yc5exvc_hIr0kr
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=826005494477
content-length
0
pixel
cm.g.doubleclick.net/ Frame C160
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFduTIuX4ZEy1klET8fGFK8&google_cver=1&google_push=AXcoOmRAD50EoWYSkN9ifKGsPBSK5QQUgvMzWjdB7lK9-lIizKIQLagbOCaPSbLAmDFvAs8XxwwakINV...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmRAD50EoWYSkN9ifKGsPBSK5QQUgvMzWjdB7lK9-lIizKIQLagbOCaPSbLAmDFvAs8XxwwakI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmRAD50EoWYSkN9ifKGsPBSK5QQUgvMzWjdB7lK9-lIizKIQLagbOCaPSbLAmDFvAs8XxwwakINVCWA7Jl75tkvnfelG2PM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk2NzY3NDQ2NDc0MTkyNDk0Mg&google_push=AXcoOmRAD50EoWYSkN9ifKGsPBSK5QQUgvMzWjdB7lK9-lIizKIQLagbOCaPSbLAmDFvAs8XxwwakINVCWA7Jl75tkvnfelG2PM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C160
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPx65T5jvdeR08WW4YRIoc8&google_cver=1&google_push=AXcoOmRyvgrqbBehiMJjYhauFSvcAjBymiAM4G1dwc9MFg9GrOdRTEk4YaR9SZqkZhDeRWFTc7ZW_W...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRyvgrqbBehiMJjYhauFSvcAjBymiAM4G1dwc9MFg9GrOdRTEk4YaR9SZqkZhDeRWFTc7ZW_WGSDCBoLl29Ws3073jk3_A&google_hm=NjYyNjIxNjk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRyvgrqbBehiMJjYhauFSvcAjBymiAM4G1dwc9MFg9GrOdRTEk4YaR9SZqkZhDeRWFTc7ZW_WGSDCBoLl29Ws3073jk3_A&google_hm=NjYyNjIxNjkyMjc1NzY2NTI4OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRyvgrqbBehiMJjYhauFSvcAjBymiAM4G1dwc9MFg9GrOdRTEk4YaR9SZqkZhDeRWFTc7ZW_WGSDCBoLl29Ws3073jk3_A&google_hm=NjYyNjIxNjkyMjc1NzY2NTI4OA%3D%3D
date
Mon, 11 Sep 2023 12:34:16 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame C160 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JE4Wap-sWUmUVsboKfdIpoGZl8UNVERAGcDvTq0yLFmSSSQepB6_Hx7JA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
img
imageproxy.eu.criteo.net/img/ Frame C39C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=668&s=jE2gZoG1tNbQutE2yyZXUCGG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
14927
expires
Wed, 04 Sep 2024 02:02:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame C39C 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FA02.jpg&v=3&w=400&s=iz4_IhT-23ldv0WqXrXciIUt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3a3b6228c8b0ca57f754c5044f9ac8a6dbb8ae04dbcd96f0daad569bcccbaabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
14514
expires
Tue, 03 Oct 2023 06:25:43 GMT
all
csm.eu.criteo.net/ Frame C39C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=xecHPRF1f3OdGv3qez0nm4USt6ChkJjJlYFzAHUnYoBjy_MhTMGSc2qUtNWrVkhc_rG7O01Z5wVSQmLR_Xx7mh64xjG9RWbtvXhkpqe5zBF69NmqnxgkW89Nob-LP4Dx56MXCKU1Bz8JzONW5MTIMnPZqIsimc69FA5LN_8OIJCwJ9-kC_TJ6oQDmqg5PEkowiSNYs99RDKDKFyvTc26L0EHpSKLa9qjeOmZq1R8AKUTEUxevwsE6D3XkTNqjHMCuzL7Iw&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C39C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C39C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&env=js-web&pageId=154680&pid=169092&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&slot=native&pfid=72&gdpr_api_version=&gdpr_cmp_id=&gdpr_consent=&gdpr_status=24&gdpr_reason=240&rpm_reason=19&hb_provider=prebid&fv=1247&ts=1694435656577&f=1&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
video.high.mp4
s8t.teads.tv/creative-7dd732d0-458b-11ee-b8ab-e36d8956f1ce/ Frame 0F9A 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/creative-7dd732d0-458b-11ee-b8ab-e36d8956f1ce/video.high.mp4?5e5724f1f1ae098d906c05d0faca76f4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c0525eeaa4015b760da768e26f5df26324bb2759e9fcd10b72fe1e84e0db2881

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
x-amz-request-id
8VVY3HTCB7QE3NR8
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-2342839/2342840
Content-Length
2342840
x-amz-id-2
EBTH5XzQJ6OG22gR40cnJkvk+yzd6yfpINQGW/Kc145V+kUV6nnkCov/47O76D3fCeGqQpvb65s=
last-modified
Mon, 28 Aug 2023 10:15:00 GMT
server
AmazonS3
etag
"56248c1dce7360963df5f2ae49387e73"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31540000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 10 Sep 2024 13:40:56 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2466 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=668&s=jE2gZoG1tNbQutE2yyZXUCGG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
14927
expires
Wed, 04 Sep 2024 02:02:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2466 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FPDFDRU.jpg&v=3&w=400&s=OFt-doyddY8XQvCKGw4kVxOO&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
16322
expires
Tue, 10 Oct 2023 09:48:03 GMT
all
csm.eu.criteo.net/ Frame 2466 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0j0TwBF1f3OdGv3qZliAyuCQ1BQH4AdyszmCgd4Zjz1Wh0yOlChvYI3xdwlOyEGSYfsDCDKV2o6Uuq2oy0ieq99eDviXrGEX1EY6rE1frRn-oX0BkdBrbpL2jl6SRpf43rHp_NvqYJS-TbchSCdXZKsZjWY56pyvqWNhrr9F7OWSgvSi3_IEFPNx28nvg8C-4PkfP_RNYsGkhbaQnEsuXajOV43BCARvOxl77KlHzBpXJy-5UWXimY8G88Ev-tEtN0pWIw&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2466 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2466 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 05 Sep 2024 12:34:16 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C557 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1138424884425369&sdkv=h.3.588.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3976201203&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FBBXffsIs60OI88dHK70Oug%3A1694439253%2F1327%2Fvideo%2F1811%2F480_650.mp4&sid=291DE067-460D-49BE-9D2A-90EC8FC2951A&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=1694435656600&cookie=ID%3D050c352e40c34459-2268725c6ede0083%3AT%3D1694435653%3ART%3D1694435655%3AS%3DALNI_MYxHHkRDDdxw6RTktsYSwpFD39_SA&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&scor=27779010600129&ged=ve4_td4_tt2_pd4_la4000_er1172.240.1173.960_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0FDA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=3749438291413053&bg=!WFulWxTNAAa6D61Rmg87ADQBe5WfOGILXxRFf0WFeXCCGiifDY43TeoHesGECXIK9LwvfqmfKBJNNi59HCbyISQ-r7bbAgAAAUdSAAAAB2gBBwoAOnJXEflRTu8AM3nMSKwuAbDEfD0bY827a_17zUax7Xk4MkQo7ilmfDsUjFNTdh7L9GOghc2yw4j2rNeZAtSLk6LBuzArIDLI66eaEMfVD38sQgRfgDOMeF0MZumQdnZOmG56P2GlSG5E2-i6gj6XfSuy1gAKPWBBeTKCMnSqeqv-rfRQ7h-6TiVQ73Fd-8UwHc-Pd3IOoLfIZyCbKQaTbfu-z41M9FquMQbxt5Dkx9gdEgBsrHR0ByfRUD6yYUyLL3GUXJjtPZDYMLWye1t9PAB_24ft5IHjTQSSXQSJw3E57cVrPGrDDxUiGVrUFG2tQr8z1WLSgJEj95otw1lsNebt1-OcQxh-LLsSfVQBtla_l_hmDvd-HQ9XXjhYK_fK1vSxOLtU_ReyofyWMGUk18v1iamog0Kk2U9tI2vrzBnGiq6ny_8L5cMDzbFS01DwSIZLPsh0f0m5sI2HXLW97xRdiakAd3n9nJWz6DNTTNF315ve7SyE28LFLGJOGQi3NcvogMa3Ar8lRCrhEMIQ5HTgA6AVISFhL1fiLOXOtQEKSJGKfXQkTHS2RmVI2c7laEf8j5lQ4VRZ23qTjkpZt7UHsqBX7FaiYyeyexbHlfAqibc360PQEUvYnNFUZIAq0FRIppBciWIgroodl1CDlOGkGGpCYdSRsbiW2dmCnDLzc4XRpkcGYsy-DcruZpoL6xuLjbB081si_wzbGDaVKTtdxfxk1HJOtVFR5lxSY14Rc-ik0pf_OEgejDcj-I8JmhxmHOBzHedoZEglCpA_e_wyzKOubfFMJ3KboXSsd8H4ElUkI3sb8Wv28j3Cfu4xkzJ9FiuyQXOwRRDX3ubyRvEQRi6vqHGGQJxH9AA8lrD09f_aPkW-mquUGOGddh2y6xVkfIdb0PvJyPfEzghBdHj_hFlBTCbFt7QUspolt1cpvBtmSHs7GAyl_GYcEhGvrauwbnu3JH2CHjaoV26jPb6zGRSFDd4fIeQoCbTUln84JHvDLGjKQZ-Z4L9iitsDrLeUJY8Z3toNH697x1pSOtnd
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 472C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=845653870775387&bg=!k5ClkN_NAAa6D61Rmg87ADQBe5WfOHDYIN6i5IWsuyXPwjo79QIwm_TUzfqKoezioILr1T6WUfrumFNwCndZ66pY_B9yAgAAAVdSAAAACGgBBwoAoVXLfDL21ZcNfy1CEdRGABZmoGPyqwCUTqTo0_PFQ8uZbwXXfanwubuT5zO2Yio2zkUj4EZIlFZyFdtY-NXlLKHBWgBZbCd97g5xLkS5fU46T9IJ9qf-mpW2WlF91SxSwwlQHhdzketH37BqpFIaVXa7VastMXP2C47TPMtW-0bcwJw6QLfsM0-NyUkLOxI7lIghNcWfBbAso6QHGatzI882mQLMCp0fTjsmAimNLxLDWi7qsOHk-ffuk8vyBbvnnK9AI4Pyawc3QaiFQLz2r-Iw7ostZLTHCUYnM1PVZLj7vur63i5XbAtBaGpvalUOJ1CaHMg8qCFAnODfh78dFP2W0k_PcNSNhRHHhVnZ3G454kOwZn2bvh-lBM91v2U0vdeQnMVVFyIz_eonADvsDmsdda4EEGZxdPaO68_w87gDhP8wRaWk56vogPVIBe3WRgpDghf1AvO3d5N-Cf8E7Y6YApfhGpXC6NBqDZP_wwbHYuu8Kaixz02-xqYKMHByxCJCzxwq4Hp05wCIGh4A-FoGh21a7rKCtKIeHDKZ5AJwmReIYNC5VW7HGA6-z_1nb11Na6grRzE9Cuop_w09gJIONnGicYJON3qVrqG4xeFq629_oMkHtHIc0bj_savqyshPXNuUzJ8are9FHkWhVPW5rovCgEmEefU7jnDHNkNfiLvXuCYdvKBiWAWmqe3CFt6wj8qdV144V6zV9vgKU7BjruN0R46NILdwCUrM_CHWdIzZGycd51_QJQw-W4vrZfiTap5xnrUHgxIjS4XJirNSGch04F0RulsWvURVxUhncIAzoUe6onrgxSBv0455pGP0TxhjOCcqqpINaTVN52y5p5gSSN9ZlrOOlHoy0jKk67lKPn50hckxkjBcYhJ-uw1Pz9jfjJwlHlAFustoYXQmuk_J1Jty2vKjZldjMkSPnDe6eTC3VCpDm8wriclXjkZPZcb5qk1Se3XogKjNY26blEO8ohF-SPNnRdw6l9bA6RaR4wp-lTJc7VdJ-40rF-aFCSWptwtbaoX915fXE9UkFed9TGxg8zQqt2L9AMawxo0JyuAXc7oAihWSD2mED08KVnSwYbsBDSRdoBoD1cTSQWSOKksxOJ9tAOyFfJCBLizWq_T8zzPQ_z7khdKGOnsnrro8YSgYvHZVwRstAAs
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
img
imageproxy.eu.criteo.net/img/ Frame C39C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=668&s=jE2gZoG1tNbQutE2yyZXUCGG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
14927
expires
Wed, 04 Sep 2024 02:02:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2466 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=668&s=jE2gZoG1tNbQutE2yyZXUCGG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&u=%7C7986pjaTk5YjvYxH8g2UIflWwdIND8LKNA8ieL3ryIo%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1UvGKTou5wsTULlF2dG6nzs5PKE-5vrOg1FsaYmKRAfRJogjhObTA8e4UOkj3_fI0gVE2EdEGFBZqrhvgblifP4J_eCyCtRv4jDnGdyZp2nx-C96sDRNzNPlCJgvOYRlaxwMq3vhRX5Hae-sbXcXItMzS8oDT-KcnTdqdPeq_2ZeJB3BLtwUqwhY-4OmuEeJA-wDEhV8DjdhXCabOShbHvq5ZXug6U7yQNiFQX1Udrb3K5v-PnUo2Fd2j-6m-XTd989Ph2yUqsply4jNzveBAKV2w60p_f8n_mp8ERyzuhamERsyP6m9Ttr5Vs4QBgpRQgndaMEJbautuA_kajzBEePFDXdETDg4mvBawd_3oEo4VZi-530SzPZlfX7kKYDIwpfpLrNGyxgoF1ppOtIHNGTa5FYsyujBzGR0k1hsBI4EMS8STJi2mhef0rURPXOB8Dqkp_JYb0OuvFihMeRVYRFv4rz6QL0Oz20qosFnhmky17ugpbGEb6_gVqCKyPbnie_QYRGX9WSPh6nFmIHpisBmZawua_7Af8F7yY_Lt4NhG1540VYClTD_2b9NGQEXMqzFlhDAH76JwS_wT6OTsuMIbRxu-4wnMbfVLnezUd73KmOdFUwbd0CGHDS6GJyy6e7A5g4Je3JD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQd9QRwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKwCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWIxvI08OhokxMJBbjs0sBA2Z_atooGBhZ6SgsduL6I3Ahau2VIpvzzP8IgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BTuq4EUzkUXY6v5LEOhLM1IJkyQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
14927
expires
Wed, 04 Sep 2024 02:02:54 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 0F9A 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
frontend
s8t.teads.tv/logs/studio/ Frame 0F9A 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
player-sprite.svg
a.teads.tv/media/format/v3/assets/default/ Frame FDCE 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.teads.tv/media/format/v3/assets/default/player-sprite.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
last-modified
Tue, 15 Feb 2022 08:41:20 GMT
x-amz-request-id
9CGM3RFEJZA4D97W
etag
"6a80cb691946e09ba579b0f8456aae28"
vary
Accept-Encoding
content-type
image/svg+xml
x-datastream-cache-status
1
cache-control
private, must-revalidate, max-age=16070400
x-bucket
d
accept-ranges
bytes
content-length
3379
x-amz-id-2
uiwrQHA64O+YejxWgfH5V2v/0BqVWRJ2XVH/K6pnz1d3Q031obZXd9KMQF1zyinvM5U62TRgmAQ=
expires
Fri, 15 Mar 2024 12:34:16 GMT
frontend
s8t.teads.tv/logs/studio/ Frame 0F9A 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/logs/studio/frontend
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/vpaid-builder/performance-single-video?1232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=impression&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&mediaFileType=js&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655692&cid=1101362&pid=169092&data_costs=au%23ts%2310003%23USD%23Kc31mYPT6skLDMOmK40Z95C-&data_revenues=au%23506007%23USD%23Kmo_P_zE3Qe1Abc4ykhlJGfn&fms=9&p=vs4CkehTG-RXMIz5gOeExnTjxGKJrUGeH04wmx-VlBw9rscmgPIxElVaZ9bakXFj0doEYuuFPFRVYjTFDuvmNGWABrYidPnqirUkly-YLAvI4DY-pTA3wlzLh6d0x-X_2tQLPpMNIqxY7VRuzhCyXuFTZqWvS7WYBd_hVz2BGreel9jEd7wdKl6y4FxZkWsiqYuPamx_HPQTEdi4ifGsEDkTbMmWROH9D8OZDiDdsevRJr-kKMw451YFeMeFuBivaAzTXTKRCSyug0OEqLbT6AAnEgUPpzwIa4tI6J3Pp-AjsapKqg1rhuSggtDe7p_8zFIuP06YjUpo6W66VLnVjIrG_X2NakM95MlJ_wzBpxwRXw&cs=25412238533269471305&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
studio-t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://studio-t.teads.tv/track?action=studio_impression&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&random=92104990&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=start&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&cph=0&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655695&cid=1101362&pid=169092&erevenue=MC9vGisg4eBfYJzVTxs2Abd1&erevenue_curr=CHF&fms=9&p=ctqLlCWJ4woNDdYrifxkjR5SMLioEVUuiKuK9jVgL7ll6kX4G8nURdRX5z8KxGjCiZU1_Gb-a3XOCuYcFD59CoJBfqtPbcYlsApO86ZEnGxQd9imGzqD9FmKKXvrS_kagEJdfOd4L1QPLccdXXpyJOM1Pjchk5HhURlymwwTsAVnwqhfZCu-ePoQfmy_tiju5HU9A7Sq8Gy648UxVPWrByY66JQl6Su3uJAjatVs2YdqGGws6XYviII0uMb9xtEiG6P9FMI61BONrw0BdxdMjhMyzhqAfoi1A86y-dlFO8eUvMVQQo8wdVfCqqc_xkjxLnyXv8a4sSWjJBsT5fnT3TFsUhVKJgHWIkGPSUbMicUzIw&cs=93127728300633534405&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
adview
googleads.g.doubleclick.net/pagead/ Frame ABB7 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CV8V_Rwn_ZJnbC5ifi9YPtLCnYMme0rFc1Z2R93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakC9j0qZY8Csj6oAwHIAwKqBKkCT9AhyZOFqcqqvKCkPcmvCzGw_gPl6JTczkUaZlhG49_ZWQSQ4BkpgkvIOOUM5FtNjvbC3vokxA_Q-VV_mXdKVn0dPjb_WRylIOeP52aj3m9J49yBWdG_gW5xytSjKs6By-ugQQfs2R0Ule7m-uvzBWt2kD0Z-rGrmj-utlSYas7MZc3iiDdecij0dxer050PY5tGXlm8ZP59JKB14reM1XAv2cPPBQ7lsUzloPwj6hfUS863BSqIGFAkC-lrkYfoEs9qmCf6MRUyueX6kyinB9HHBP6P9tt99svwC1fjKWJrFF72I-SpzZCaGOOo3pEsRPNhAspVvPpX0P7N2etMM9mWI1nK8lEhMZxxgsbEacch6sJxTdCeEjZBa5zkS0QInG4NcnVftrsagAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=yBn-3BIgvNI&uach_m=[UACH]&cid=CAQSOwBpAlJWsMJ144E26hEmpTpqY5FsMxzrnTnENB2IzXguBEY0aDtdMsdEzaDUwBDu_shFo40ke_SMTRxbGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 11 Sep 2023 12:34:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame ABB7 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFobWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQRgn_ZA6RdBj-vCiWF_kAABIAAAoKQVFVQkR3RUJEdw&wp=ZP8JRwAC7ZkEws-YAAnYNK_Rvdbw6A3rk4RXdA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654340&bpp=270&bdt=780&idt=734&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=2&ga_vid=2034881998.1694435655&ga_sid=1694435655&ga_hid=1127634491&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2335&biw=1600&bih=1200&isw=336&ish=280&ifk=4206194273&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077330%2C31077559%2C42532334%2C44792013&oid=2&pvsid=1976443460035150&tmod=441640564&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w3234lx7lhfr&btvi=1&fsb=1&dtd=751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
196769
server
Kestrel
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 102A 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuQmrRwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSjAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-cpDC98nTLtLK4JBeLJS7vgkl3tw-lclW9PslGHE7Asy9w2lF7oYIAG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=hT4wtn0TtNk&uach_m=[UACH]&cid=CAQSOwBpAlJWaP_Llt9lUvMnCSXDCICsAz3NtB61djEw8kCRhcsPSKebX9MCcO7XuUIx5CbF3SC2-97_C3BTGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 11 Sep 2023 12:34:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 102A 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFobWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQRwn_ZDyCelS54GGSnIsAABIAAAoKQVFVREFRRUJBUQ&wp=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694428455&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694435654342&bpp=539&bdt=789&idt=931&shv=r20230906&mjsv=m202309060101&ptt=5&saldr=sd&cookie=ID%3D050c352e40c34459%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MaMqZh8i9RnVEXbYAdt4sdhuIqPhg&gpic=UID%3D00000c71d2ea5162%3AT%3D1694435653%3ART%3D1694435653%3AS%3DALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg&correlator=1234989831690&frm=23&ife=1&pv=1&ga_vid=2033806290.1694435655&ga_sid=1694435655&ga_hid=47684765&ga_fc=0&ga_cid=amp-ZZfTcNPgaU4XzHAosBFIYw&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2780182601&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C44798934&oid=2&pvsid=562622493605378&tmod=187379184&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tw4huzh369ut&fsb=1&dtd=948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:15 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
156774
server
Kestrel
content-length
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 12 Sep 2023 12:34:16 GMT
csi
csi.gstatic.com/ Frame C557 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmev8nxj&c=1234989831690&slotId=617494915845&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:816::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 12 Sep 2023 12:34:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AFFD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvk7BR2Ogqwnle5dFWXUXoN0IchXlV5iHayMq7uelRhr736Hz-w5KEHldPlkdTVmR8iHpw3Bry4IUHCBp8PXapdQG_7D8D1Fb6UrX9nNQLk5ck2IfA6IPBXIE2dW-2A&sig=Cg0ArKJSzAhElEU0xN_TEAE&id=lidar2&mcvt=1019&p=60,450,310,750&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20230906&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3805778231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694435655347&rpt=498&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B287 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40bfdc6effb9da68cff1dbfcc170bc9f062ae14d82d4dccd38ac0005fe7b40da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11744
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9312 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8fcae3fa47ff8a814a8a89d6fcd7851fbf9d817ed2c15279dd9bd515f7d711c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11769
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54c950f15d3e51696296030af08a6a11dd0844ef0d6a4fcfac3e9372506b4581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11818
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7446&cid=amp-ZZfTcNPgaU4XzHAosBFIYw&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dr=&dt=%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E3%80%80%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694435654&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=5753&epn.domain_lookup_time=8&epn.tcp_connect_time=742&epn.redirect_time=0&epn.server_response_time=700&epn.page_download_time=1&epn.content_download_time=1483&epn.dom_interactive_time=1483
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E3%80%80%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-ZZfTcNPgaU4XzHAosBFIYw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=5753&dns=8&tcp=742&rrt=0&srt=700&pdt=1&clt=1483&dit=1483&a=7446&z=0.518341261598023&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Sep 2023 17:39:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68099
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 5243 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:16 GMT
server
Kestrel
server-processing-duration-in-ticks
1425619
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 5243
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=u7FaLXxBNXFiVnU2Sk5SU1l5cmhtVFRzbzVwQnVZUVk4enp5bm4wdnZtVGlYL2RobEdUOTRJYmI2UVlTVW9ZaXY1L3M5U2ZtTWlzSUN4cmNrRC9GUGFhcHZjdE16bUxkRUJBdjM1OWZWcG1jQ0Y4RlhsMkNGdFZ2MCtlcE...
433 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=u7FaLXxBNXFiVnU2Sk5SU1l5cmhtVFRzbzVwQnVZUVk4enp5bm4wdnZtVGlYL2RobEdUOTRJYmI2UVlTVW9ZaXY1L3M5U2ZtTWlzSUN4cmNrRC9GUGFhcHZjdE16bUxkRUJBdjM1OWZWcG1jQ0Y4RlhsMkNGdFZ2MCtlcEJ2Y3RhaExDcTlFQVhUR25mNzAvekpBWEJaUHFlaHQ1d0JTNDJ5MVI4SmxFUFd5cUE2clN4a20wVkE0d2phZ1grU0FHZlhFaVJZWDBIMjAvc2hGYlpuMUt2L3JVYkZneXlUb0ZmNUQzcUYvQ3NLWTVpN0l1aUs5d2dEcnducUpUcng1WEtMWm1qUXhSYXhtWnZiQ2JsRVlnNzVYejdrUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
43f2ab6b587b79f7aa648b0200f42a65481c0db2f4ce6cdab291a9d29bb06f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
888055
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=u7FaLXxBNXFiVnU2Sk5SU1l5cmhtVFRzbzVwQnVZUVk4enp5bm4wdnZtVGlYL2RobEdUOTRJYmI2UVlTVW9ZaXY1L3M5U2ZtTWlzSUN4cmNrRC9GUGFhcHZjdE16bUxkRUJBdjM1OWZWcG1jQ0Y4RlhsMkNGdFZ2MCtlcEJ2Y3RhaExDcTlFQVhUR25mNzAvekpBWEJaUHFlaHQ1d0JTNDJ5MVI4SmxFUFd5cUE2clN4a20wVkE0d2phZ1grU0FHZlhFaVJZWDBIMjAvc2hGYlpuMUt2L3JVYkZneXlUb0ZmNUQzcUYvQ3NLWTVpN0l1aUs5d2dEcnducUpUcng1WEtMWm1qUXhSYXhtWnZiQ2JsRVlnNzVYejdrUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
293279
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B287 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 12:34:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9312 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 12:34:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Sep 2023 12:34:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 73C1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHvJsKYIpwD9tXYksxvkUXPgVhn_8cD6PwwQagz0_0tMQLLC9iBsLXldQFZlXg_uGPoBs2CpYLGho_8LRSoarcSGp3V5S3fySPtiVKyPbkPjMI5EDNstyAce074kbBmxdEhprhAKWqgA&sai=AMfl-YSL5hGTgXpnK7je_aB33UMAvOdWTF31RoL08msJ5srE0j2g54jytEMFzr7OB1o6o8Qu3hUHBJ8SOD6gtGDpCix7YNsCCog0ViBja2G8vhTT5kyqwGJxkPmfzuY&sig=Cg0ArKJSzJ2V-FfjHSRHEAE&cid=CAQSOwBpAlJW3aVz6k-DOUADUxcKtWGHLUfdSPKG5RSdDuzhXoYp8blOuuPcyMYuzjzmqVY9jcnZ9yU9rcE7GAE&id=lidar2&mcvt=1008&p=1110,436,1200,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694435655548&rpt=449&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4494 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 11:07:49 GMT
expires
Tue, 10 Sep 2024 11:07:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9A63 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ec3fe5ace4b7515865cc68ebeca4e93f9580d474e5705eff6df0ca6fc276e8e6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O9NNTv3qh-2t-SRm7OrEYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-O9NNTv3qh-2t-SRm7OrEYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Mon, 11 Sep 2023 12:34:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8059 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 11:07:49 GMT
expires
Tue, 10 Sep 2024 11:07:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 67DC 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d444190a7eae64f0b6865038484cf9ef00cd588b8cc83b0c9c40709254ae8e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q4LZgija7PF0PNZaKxNAOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-Q4LZgija7PF0PNZaKxNAOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Mon, 11 Sep 2023 12:34:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2532 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
5188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 11:07:49 GMT
expires
Tue, 10 Sep 2024 11:07:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 10D7 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09d2dfbc937e5c41c620074fc038508bca477d4b8874de9552c7503bfd8cec5e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0ZnW-RrU3ZvCxlhyS-2ZpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-0ZnW-RrU3ZvCxlhyS-2ZpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Mon, 11 Sep 2023 12:34:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 9A63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=562622493605378&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 4494 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:34:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 10D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240102&jk=2213891146708900&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 67DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=1976443460035150&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 8059 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:34:26 GMT
GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
pagead2.googlesyndication.com/bg/ Frame 2532 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14501
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:34:26 GMT
480_650.mp4
cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/BBXffsIs60OI88dHK70Oug:1694439253/1327/video/1811/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=327680-

Response headers

Date
Mon, 11 Sep 2023 12:34:17 GMT
Last-Modified
Thu, 02 Sep 2021 16:34:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd32-101dff4"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 327680-16900083/16900084
Connection
keep-alive
Content-Length
16572404
generate_204
tpc.googlesyndication.com/ Frame 4494 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VtKgZg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8059 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mUybPA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2532 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5S_X5w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame C557 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmev8oef&c=1234989831690&slotId=617494915845&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4002:816::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
activeview
pagead2.googlesyndication.com/pcs/ Frame 102A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmzmS93IXAJRw3qrRRgq9OL6op6ifmrxYdTIO2lqMEYXH4-1-P8r3trFXLsI8fP7HhTdhTsMq67GmRreonpVUsr5OZ0ktj0yhfD8g&sig=Cg0ArKJSzBvgWsjEJ2LvEAE&id=lidar2&mcvt=1003&p=0,0,280,336&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694435655292&rpt=1210&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame C39C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=xecHPRF1f3OdGv3qez0nm4USt6ChkJjJlYFzAHUnYoBjy_MhTMGSc2qUtNWrVkhc_rG7O01Z5wVSQmLR_Xx7mh64xjG9RWbtvXhkpqe5zBF69NmqnxgkW89Nob-LP4Dx56MXCKU1Bz8JzONW5MTIMnPZqIsimc69FA5LN_8OIJCwJ9-kC_TJ6oQDmqg5PEkowiSNYs99RDKDKFyvTc26L0EHpSKLa9qjeOmZq1R8AKUTEUxevwsE6D3XkTNqjHMCuzL7Iw&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZP8JRwAGGbMEwtBXAAKM2XQFzJ89oRjm8wW57A&u=%7C7986pjaTk5bKDdYvow31XtW5mXBQNx1y0xT0l5y4rlQ%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ612oS23GCZbDG9-Jcw020wuh3fZaV5E5SsgfVE6kyN1dHenPxHoxWxpsS9TrFIAD7Pk3t4SD6FX2elV3AWLexpWEnMttjdNdRrnvoJ-mjfXQj0VdsQIyXAMZuf36wroCtmDyIZtDfft0dNaV-V9hmkJxVx8lxTwZVy_y1_ADx9Ar-_Ei-6gT_jrx3O9kht9cqZtnUSA4xr493VizFwCyymKTR_7OX8ziG31mCm3D2-3ObqFMGyKcp0uxL-XYmkUscyBQh9HBZOh3wB3YA7q-86o8Er50EVIrJvRUBfqopuT6WmINMqe2-L76CG-RtYdN-RXsBHQbcWBh6TY8lEyXi6vtSOgMf2TSMDRrRIvqyQ1Igrx9bQQG4wzeo4CRBOWuWnmjoVBLD-RGSyj1T8l37Wqe8oSmQo6fnRzm1sCnWinecfnqy2eZETh62zRQn-rqEzd4iuZGAmNQv2SfmhILQSTfMyFuudMTt8pnroT-nODKVEIWhZcSAtgjWa4sv_YYHQPlXCQi3Is4P1OZFdgKk5cUdJiYi9TD_-LWOsWMosydbneyjRaz8nDXia5DQS7Bdu2kQcQ6aP4sAf856kyEn4UyXAca5qJtF0zCpk0_wSWxZUtA6-2dZLjlitwqiR8xrN-91BqZ7qQstI0M3Jt3LPrPZfbauku7CFmeP5x6ATGS4h8xkaPBEw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRwV0Rwn_ZLOzGNegi9YP2ZmKoAbJntKxXNWdkfdwwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpArmvXfDW_7E-qAMByAMCqgSmAk_Qp2AR8pQUQclIptlDolgLizSaTVtEjot56kucIj6rfVdLHcEteWVwn5PxHVoQ8y0ZJRHqouskacXBOETF6lcCr8itTMwqd1WgU5odgXF3NOxvUpmmThO4Yfvd1jUJHrEUU5Fvbz1aHGk9KEyw-v9M_9SG6rgHoR_vK4qtPqpq0SvogC39aT7d6E66zK8VNXey0pax3uCB8KcbaFRigKAcShz19UW3pUAmdR8pdKGVSNF-yJsV-B5s9QKBVddWoiqEJcaLI58PxQ6uElrodZuSlpUNE_LOTjebZAj6hnIVAlrr13Ew6dLQJBrYMr1LWfUKbJEDSUNmCBviU-drDg7uHaE9EQjZIjhFa1JEnHrndeNyje37emwh4Q8y58SuXsrIiZWVi4AG7qSDqa_V369ZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0baRgu6aIY4Ta0a8WTPnHM6ys4Eg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 11 Sep 2023 12:34:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 11 Sep 2023 12:34:16 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
209402
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
267412
expires
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
1e26bd82ae07435b9a20a604002ef675fb4e734df41b8381ae833368ba32be0b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 11 Oct 2023 12:34:17 GMT
sync
eb2.3lift.com/ Frame 2021 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 11 Sep 2023 12:34:17 GMT
pd
adpushup-d.openx.net/w/1.0/ Frame D0C8
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f7ff7c158ee343aea556ad458d5eccde7258f83904e6f6213fdb8f822d132061

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
414
content-type
text/html
date
Mon, 11 Sep 2023 12:34:17 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 11 Sep 2023 12:34:17 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 7D7C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
1034
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
804ff1aca9bf2397-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Mon, 11 Sep 2023 16:34:17 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 1015 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1ac7e7e9966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:17 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C4BD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
21523
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 11 Sep 2023 12:34:17 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3448, 166958
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230029-FRA
X-Timer
S1694435658.733443,VS0,VE0
/
onetag-sys.com/usync/ Frame 8912 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1694435653886
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 8EA8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 12:34:17 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame B399 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1d7082e9253fc7753f8e457947872bbbae81919127a54d020a1427fd20cf5127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8472
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Wed, 13 Sep 2023 12:34:17 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
isyn
prebid.a-mo.net/ Frame C28C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 11 Sep 2023 12:34:17 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
sync.html
public.servenobid.com/ Frame 0865 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
230
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 11 Sep 2023 12:30:28 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-id
9b8EqyINL_1zZAzUCQpe24pwDpSC1chidCT9tE-tL3mrlJBNvkbAZw==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 1015 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
862843
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
804ff1acdedb9966-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame 8EA8 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3533595de3c25abc6157218bbb4a802130742ed36b1dd8daf9c183dc0fc7230a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:57:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66219
Connection
keep-alive
Content-Length
10211
Expires
Tue, 12 Sep 2023 06:57:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DA36
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba740aefe7f14be0d4f56e62d1d0492e4696f499e5972cf73cf527c614be19e5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
804ff1ad3c6e01e3-ZRH
content-encoding
br
content-type
text/html
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXu99v2CX6b%2FVx6MNGRJtt1sygpWgZZOU8LewQhp9TjOq557udWE%2BE%2FEW2KeKtQdl1mUn9gCiCD0YIiAni5%2FyKiA7t%2BQQtmb%2BUjv9cHtVF6BJwHaj7Kjvge7mbtIjBHDwfFWcSvHnq0iUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
804ff1acec1301e3-ZRH
content-length
0
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqu6dVdxEHNQ01VviTZ8DUHE74Dti7YVEbNdPTmtCm3jnJdP%2FZNsUdoVq%2FvJXcD5GhTdnZphx9Mf9kIkJ6N1O1WfyMWrleo%2BZIVOJzqIDlRNElaiMhPe7sm1jiClKf2yVMAox5xFE70CvA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 0652 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.46.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-46-237.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
79f3eeb6f6e1770a10ac0cd9211978de22baf9b81f743ac6d8a3c593048e198f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 11 Sep 2023 12:34:17 GMT
etag
W/"01019b6f786e27381598167f2cf2a2cfa"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame CB7D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame BF07 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
efe5618fb3fa15baa94fd206744bba32f133f32ee5a81a1b67e2da6657311006

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
1089
content-type
text/html
date
Mon, 11 Sep 2023 12:34:17 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 030C 		2 KB
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5d46243a88cb80538a5566565e1370a3a0375aa1abdf39b3076089e534fbc3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
804ff1ad3c8901e3-ZRH
content-encoding
br
content-type
text/html
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsK%2Fx2UVfOLik7f%2BX84vDpClJ73eOz%2F4f0HnFobm5zgRI%2F4EUf1cuwciaU%2BeXoe57ffnTk3Z10tWtlI4%2Bs5pkK5ZHoqAJ9yUjzKsiKnXkN97WmzgIEYQVUPvcj8nOkO68h7AAYBfxHcMUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 333F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 12:34:17 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 11 Sep 2023 12:34:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EAFE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24309
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Mon, 11 Sep 2023 19:19:26 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 47E9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8400:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
25f9b84e74b6062dc2d1727a67efdd77013de311bcd0e5935ffb2560f10c03d5

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Mon, 11 Sep 2023 12:34:17 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-id
z-j0l6frn54vGl04RVF69-4manqNE0WIZ8ubZxhHfVOo7w7pQg6Tjg==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 2689 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 11 Sep 2023 12:34:17 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 5B61 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.234.116.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-116-116.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
73256f4753d292da95856a2f391421b032b91ed9abe7f0964ada7a098ac16792

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5233787502523251788
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5233787502523251788
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
an-x-request-uuid
0919919a-a174-47db-a69f-334c15ab144e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=5233787502523251788
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=HTaSDGZHE4wnbW0ERWeKz3eo
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HTaSDGZHE4wnbW0ERWeKz3eo
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HTaSDGZHE4wnbW0ERWeKz3eo
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 0865 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 11 Sep 2023 12:34:17 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 0865
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694435657890
  • https://ad.turn.com/r/cs?pid=45&rndcb=5741112020
  • https://sync.1rx.io/usersync/turn/9001601252464162412?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-ec50676d-f298-4393-981b-489...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
804ff1b04b019966-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

Redirect headers

location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
date
Mon, 11 Sep 2023 12:34:18 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXec50676df2984393981b4891db2fa7c3003
content-type
text/html
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5144588526324084040
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5144588526324084040
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5144588526324084040
Date
Mon, 11 Sep 2023 12:34:17 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=cca87155-71f9-4bc6-8f6f-05bf8e7a8467
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=cca87155-71f9-4bc6-8f6f-05bf8e7a8467
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-32
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=cca87155-71f9-4bc6-8f6f-05bf8e7a8467
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Mon, 11 Sep 2023 12:34:16 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 0865
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxY...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgYMOAI=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-c669641f-8e08-31b6-ac60-f89a647c57ec&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1jNjY5NjQxZi04ZTA4LTMxYjYtYWM2MC1mODlhNjQ3YzU3ZWMyAgYMOAI=
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
0
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 0865 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 11 Sep 2023 12:34:17 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 11 Sep 2023 12:34:17 GMT
sync
ads.servenobid.com/ Frame 0865
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
  • https://ads.servenobid.com/sync?pid=328&uid=99d34ffe-6936-4f50-a951-df488c2b5870
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=99d34ffe-6936-4f50-a951-df488c2b5870
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=99d34ffe-6936-4f50-a951-df488c2b5870
Date
Mon, 11 Sep 2023 12:34:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
sd
us-u.openx.net/w/1.0/ Frame D0C8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-o_be_yCiSvhiY4q_d2QKfiOiyvhiYop_Nnn0ZtY
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-o_be_yCiSvhiY4q_d2QKfiOiyvhiYop_Nnn0ZtY
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=-o_be_yCiSvhiY4q_d2QKfiOiyvhiYop_Nnn0ZtY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame D0C8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3967674464741924942
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3967674464741924942
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3967674464741924942
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame D0C8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=48d09fff-b33f-8446-aa80-6ab68ae551a6
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8WYRP0QYFZPGQRRF9NEY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame D0C8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=1006e382-af95-3fbc-6a8e-e821e2d69a46&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D0C8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2M2OTMwNDgtNjZlMi02MTE4LTdmNmUtYjI5ODI4MzQ1NDI2
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D0C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRIZaCqLPdQtSz5K2Rz_8k&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRIZaCqLPdQtSz5K2Rz_8k&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRIZaCqLPdQtSz5K2Rz_8k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame BF07 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6626216922757665288&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame BF07
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=306636ff-5852-4183-8b4a-f84dcf9faf77&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
671400
content-length
0
expires
Mon, 11 Sep 2023 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BF07
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3d10188f64
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3d10188f64
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 11 Sep 2023 12:34:09 GMT
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
8
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=3d10188f64
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
IQVPhUq2gv-h5EG5OW9UybMuVvyu6seKsncgc8sh29yqWKUL_OpW0g==
/
rtb-csync.smartadserver.com/redir/ Frame BF07
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=313c806812dd1064840e01e9d6644e4a&gdpr=0&gdpr_consent=0
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=313c806812dd1064840e01e9d6644e4a&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=313c806812dd1064840e01e9d6644e4a&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
0
expires
0
dcm
s.amazon-adsystem.com/ Frame BF07
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6626216922757665288&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6626216922757665288&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R553NPMJZV4HTGZT5X7T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6626216922757665288&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
async_usersync
ib.adnxs.com/ Frame C4BD 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
an-x-request-uuid
938d20ee-68e1-4b95-b791-75fe77d2e8da
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DA36
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZP8JSb9F2Gk.yDTXMxwhQgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHOG7cbi4_L_gjVuRxytQ1k&google_cver=1&google_hm=2
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHOG7cbi4_L_gjVuRxytQ1k&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7Bn3pqBu3LsBorN5NCJ5Dwu3r7c%2BHObrYunee1jtvLqOz1FIvLb8U0C3YDjk3K0P0s%2FX7BypEqd3p2iQ4yl8ZEp4n22CNVkEkF6hC1y2n0trEvu7enD4JTqYGY1s92d%2BM4o1dHeNTkMVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804ff1aed91323c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHOG7cbi4_L_gjVuRxytQ1k&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DA36 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H5HPY0QRP3455TCXTZET
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame DA36 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame DA36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO99dCffnNgVpY9Vf59-O9s&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO99dCffnNgVpY9Vf59-O9s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3Ukzo%2B3qveelFf%2BKAX6Tx4Ta9YoYPdlIka%2F83eWBqIuRWHV8ZyaLvgzeN8JoZ4mmcjbUp%2FL1gmiflCyJkWEVOgdWvY6Y7jt94xWP%2FcRn2b962RVAueuFjfyYS4acTtz0aVw11iMUFBX4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804ff1ae487323c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO99dCffnNgVpY9Vf59-O9s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame DA36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bridge
cm.adgrx.com/ Frame DA36 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-2
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame DA36
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=UrYrzlS7eZ5JsH6fVeRgnFC3e55JsHqcVOCbkid-
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=UrYrzlS7eZ5JsH6fVeRgnFC3e55JsHqcVOCbkid-
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l2pwXzx8oSCwUfcXjDCuw1W850wx8yHxoO0QjEqoXur5JbML1O2nxIQFbt66LtBrOGs%2FXmBVMeOLLTaAeyUcnfChr3sbhOmNSd7gI07JzvQxg1QQEH4Oe7GCdjLZDQHQNmPebgV0qxhKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804ff1ae285c23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=UrYrzlS7eZ5JsH6fVeRgnFC3e55JsHqcVOCbkid-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame DA36 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.235 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-235.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1694435658038061-372
Expires
Mon, 11 Sep 2023 12:34:18 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame DA36 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZP8JSb9F2Gk.yDTXMxwhQgAA%265258
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52354
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
804ff1adeb1f2397-ZRH
content-length
43
expires
Tue, 12 Sep 2023 12:34:17 GMT
crum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5233787502523251788
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5233787502523251788
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFk2rr6BWB4nL5cw%2BgBCiqUSehtAl2VQIjsOStGLSDdu4iXEh8X3rWVu7hH82Hvmz4S1l6qNESINH7JXE2D21mtikyxbLWVqbMobQA2eUXnK955XPk00HP46TUKHa%2B3KHpzJ5IxFXRLsaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804ff1ae2dcf01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
an-x-request-uuid
131be5f7-e504-4c11-96f3-0f0ff51c1209
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5233787502523251788
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 030C 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 030C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 030C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP8JSgAPe-ChpQA_
85 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP8JSgAPe-ChpQA_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230112-FRA
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2360
x-timer
S1694435658.115508,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
14354

Redirect headers

x-served-by
cache-fra-eddf8230112-FRA
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1694435658.968232,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZP8JSgAPe-ChpQA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 030C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5233787502523251788
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5233787502523251788
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5tcFr1EOssZ4mJIboybDcwmIIR1v9M%2BGAbnidlSVXnTfNENWrDE%2FhULxIQajgcKYsLg6IG%2BwUudmATygkIWZOcHaK27HgcxWlngkIH5yFvgbPDTsCmBWnEvnRw3N%2F%2FPd9gvDe%2Bd"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804ff1ae3ddc01e3-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
an-x-request-uuid
3f9e8112-f7c6-4035-b312-0eaf74418a05
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5233787502523251788
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 030C
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=462b9ba9-e327-4b9c-a6e7-95abbc192185
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=462b9ba9-e327-4b9c-a6e7-95abbc192185
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGcJbfP4YqVg5yfD%2FmpDfPIlASjE3mXE5t4LBF7oVLenmeiHComqd0t%2F%2Fa5A%2BOFU1r9VxQb%2FeFyJiif8%2FFdYW2z7%2FFhyYXKFOJbRTblGnAhERng6Kc3AxOUVpMNkFLYkeCnCpWq4Z8SFQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
804ff1aea8dc23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=462b9ba9-e327-4b9c-a6e7-95abbc192185
date
Mon, 11 Sep 2023 12:34:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
indexexchange
sync.adotmob.com/cookie/ Frame 030C 		0
0
tp_out
d.adroll.com/cm/index/ Frame 030C 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:3a22:211:eb82:9c6b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
sync
ads.servenobid.com/ Frame 030C 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 333F 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3533595de3c25abc6157218bbb4a802130742ed36b1dd8daf9c183dc0fc7230a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:57:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66219
Connection
keep-alive
Content-Length
10211
Expires
Tue, 12 Sep 2023 06:57:56 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame DF7C 		0
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1adf8039966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:17 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 49CD 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5233787502523251788
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5233787502523251788
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
an-x-request-uuid
1694a6a2-700d-4587-8c12-5066b02c629c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5233787502523251788
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_2f035c10-e63b-4afd-8d71-7c710d283d44&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=d377ac1b-129f-4658-9447-feed8008c559&ssp=gumgum2&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4
  • https://usersync.gumgum.com/usersync?b=bsw&i=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_privacy=
date
Mon, 11 Sep 2023 12:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame 0652
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%280tVQ3cWzgwyb0-pJskFXOB98T00kAhc-LjsF7Bq8Hr5SkkjKJHj8-EStnsw-IBo3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_2f035c10-e63b-4afd-8d71-7c710d283d44&obuid=ENC(0tVQ3cWzgwyb0-pJskFXOB98T00kAhc-LjsF7Bq8Hr5SkkjKJHj8-EStnsw-IBo3...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
no-cache
X-TraceId
ddd433de313289a9797b88b18cac9d8f
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Mon, 11 Sep 2023 12:34:18 GMT
X-TraceId
18a729834f89e68f48a1884b4884cb59
Content-Length
0
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e73b47f2-8780-07ea-0df5-f8cc2a869b00
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e73b47f2-8780-07ea-0df5-f8cc2a869b00
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 11 Sep 2023 12:34:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e73b47f2-8780-07ea-0df5-f8cc2a869b00
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-73f9e74a-1c2d-5408-7c31-b11ae59682f8$ip$45.12.222.172
Date
Mon, 11 Sep 2023 12:34:18 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-g6s9gBRE2pfc0S0FHHpYi5ij41C7LHIyRpXU~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-g6s9gBRE2pfc0S0FHHpYi5ij41C7LHIyRpXU~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 11 Sep 2023 12:34:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-g6s9gBRE2pfc0S0FHHpYi5ij41C7LHIyRpXU~A
content-length
0
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=d6b8d5df-b882-4872-9d92-f42e34d0c7a3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=d6b8d5df-b882-4872-9d92-f42e34d0c7a3
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=d6b8d5df-b882-4872-9d92-f42e34d0c7a3
Date
Mon, 11 Sep 2023 12:34:18 GMT
Connection
keep-alive
X-CI-RTID
ed7db236-bc67-48ea-8574-8bdceef88b20
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 0652 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_2f035c10-e63b-4afd-8d71-7c710d283d44&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=Vu556JS18JTqeIP0j08S&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VTVGU2TMSSTGE4EUVDRMVEVAMDKGA4FG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Vu556JS18JTqeIP0j08S&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Vu556JS18JTqeIP0j08S&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Vu556JS18JTqeIP0j08S&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=bfa793fe-5bd6-4e4a-aead-b2202346f7a4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=bfa793fe-5bd6-4e4a-aead-b2202346f7a4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=bfa793fe-5bd6-4e4a-aead-b2202346f7a4
access-control-allow-origin
*
date
Mon, 11 Sep 2023 12:34:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=pAbGTa6N6sPG&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=pAbGTa6N6sPG&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=pAbGTa6N6sPG&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-clmxg
expires
-1
usersync
usersync.gumgum.com/ Frame 0652
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=6626216922757665288
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=6626216922757665288
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=6626216922757665288
date
Mon, 11 Sep 2023 12:34:17 GMT
content-length
0
sync
ads.servenobid.com/ Frame 0652 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_2f035c10-e63b-4afd-8d71-7c710d283d44
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame EAFE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20007564&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ac9d0828f96c638e8ea47891966612b14773f311f3e9bfc0ef3f02437891e7d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 085A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZP8JSgAPdnzS7QAN
  • https://usersync.gumgum.com/usersync?b=atm&i=ZP8JSgAPdnzS7QAN&gdpr=0&gdpr_consent=&_test=ZP8JSgAPdnzS7QAN
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZP8JSgAPdnzS7QAN&gdpr=0&gdpr_consent=&_test=ZP8JSgAPdnzS7QAN
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 11 Sep 2023 12:34:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 11 Sep 2023 12:34:18 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZP8JSgAPdnzS7QAN&gdpr=0&gdpr_consent=&_test=ZP8JSgAPdnzS7QAN
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230112-FRA
x-timer
S1694435658.088805,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 8D9C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yZjAzNWMxMC1lNjNiLTRhZmQtOGQ3MS03YzcxMGQyODNkNDQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9AB5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24309
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Mon, 11 Sep 2023 19:19:26 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame F2A8 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 11 Sep 2023 12:34:17 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame E396
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZP8JSsCo5tAAALhaufgAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZP8JSsCo5tAAALhaufgAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 11 Sep 2023 12:34:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 11 Sep 2023 12:34:18 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZP8JSsCo5tAAALhaufgAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40102.dc2p.scaleout.jp
X-SO-IP
45.12.222.172
X-SO-Key
ZP8JSsCo5tAAALhaufgAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"45.12.222.172","key":"ZP8JSsCo5tAAALhaufgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40102"}
X-SO-LB-Hostname
a-tgng40012.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40102
gumgum
cs.admanmedia.com/sync/ Frame 6F80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_2f035c10-e63b-4afd-8d71-7c710d283d44&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 11 Sep 2023 12:34:18 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame 5F24
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=osix3W7DkZuBqGTUiPiu&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=osix3W7DkZuBqGTUiPiu&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 11 Sep 2023 12:34:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 11 Sep 2023 12:34:18 GMT Mon, 11 Sep 2023 12:34:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=osix3W7DkZuBqGTUiPiu&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 1A70
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 11 Sep 2023 12:34:18 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 11 Sep 2023 12:34:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 333F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMEV8M4R-1U-JSRL
  • https://ads.servenobid.com/sync?pid=323&uid=LMEV8M4R-1U-JSRL
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LMEV8M4R-1U-JSRL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LMEV8M4R-1U-JSRL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
pixel
ap.lijit.com/ Frame 7E7F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 11 Sep 2023 12:34:18 GMT
X-Sovrn-Pod
ad_ap3sfo1
cs
cs.minutemedia-prebid.com/ Frame 47E9
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
0
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=&ismms2s=1&gdpr=0
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
pixel
ap.lijit.com/ Frame 47E9 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID%26ismms2s%3D1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 11 Sep 2023 12:34:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs.minutemedia-prebid.com/ Frame 47E9
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID%26ismms2s%3D1
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=742876909853207093297&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=742876909853207093297&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=742876909853207093297&ismms2s=1
date
Mon, 11 Sep 2023 12:34:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 47E9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID%26ismms2s%3D1
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjKkvynBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEIaRpgxQnxHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJDQxZDI2MTVjLTQyMDQtNDlkMC04N2Y1LWY0Y2QzZDBlM2FjNA**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=8691a60c-509f-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&ismms2s=1
date
Mon, 11 Sep 2023 12:34:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
127
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 47E9
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=313c806812dd1064840e01e9d6644e4a&ismms2s=1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=313c806812dd1064840e01e9d6644e4a&ismms2s=1
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=313c806812dd1064840e01e9d6644e4a&ismms2s=1
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 47E9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP8JSb9F2Gk.yDTXMxwhQgAA%265258
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP8JSb9F2Gk.yDTXMxwhQgAA%265258
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21476'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXlhjnCCoi1X8V2FNZSkNv%2FQfdkzTsAFP7u2i0KCuyKZppLam8RTTE2oaMeHrUH0VV2%2FY3%2BkuArsBlbI8BwxSJcAGpY5GXT%2BGbABtvAi1hqQC3jx2Oy3ajT%2FvpmkGaR5EQ2b%2BgMXXnNaPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=&ismms2s=1ZP8JSb9F2Gk.yDTXMxwhQgAA%265258
cache-control
no-cache
cf-ray
804ff1aed91123c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 47E9
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D%26ismms2s%3D1
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1895f0186-d007-00e8-1216-f1d6a2d510a3
0
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1895f0186-d007-00e8-1216-f1d6a2d510a3
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.249.177.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-177-138.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
x-reason
missing buyer cookie sync value, buyer id: '21477'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 11 Sep 2023 12:34:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=&ismms2s=1895f0186-d007-00e8-1216-f1d6a2d510a3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.servenobid.com/ Frame 47E9 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=uf6BQDTzkp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame FD0B
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=0d572816-e041-450a-93cc-1zz1694435647
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drichaudience%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=richaudience&user_id=k-14BU6dnQOJKoo5BPBPlyS6wVxs1KvYOkTqdA9w&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_ps=
95 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Mon, 11 Sep 2023 12:34:07 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 11 Sep 2023 12:34:18 GMT
location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=41d2615c-4204-49d0-87f5-f4cd3d0e3ac4&gdpr=0&gdpr_consent=&us_ps=
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-1&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655693&cid=1101362&pid=169092&p=Onwwdmct0Q5xn0pLbrDS3XqPVOUtUkepGinL1FXhiq84FGK03fv3naDeu_WR8CwVyMvMeQuGaVh_5fXbBLeGNYZn3zXDOrbINs9S9mXwg4wZsNPMjg7TiZFEi4vtPhlH51M5yFjlFAUl6d9Vpqg59Ac4Q3Dp1MtkNIl2HaeWtI0YHUJzSQ9IXDxfjUtMFoKhMX7KW3LeClD3Pmq2nFvErDl6dquEDFmQsQdFWD6dEYxl1HZIb_ZThOIBkgoAH5dlW1OyjpAj5uYGUo0pNsK9xB1dE7GDUpmhXiHgAMVp40yxNuEzlFOv9ZvzXOjkcwbOpnpmKV6L1R_tGvIun1hFr2NBKWqGk2Xt2OLhINGXnO5pBQ&cs=248706410805358509505&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame B287 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=562622493605378&bg=!EhGlEV7NAAa6D61Rmg87ADQBe5WfOGxGql9dP5412WSjPgIo_wgWThD-PDzHRM1WfBmaLhiAsxYIPcsY3UEcXiiSsZW7AgAAAOZSAAAAB2gBB5kC0qNAtZ0-0daDfWq_Tj3bzK1aYbAOSUlivPUAzRrSIeIrrTPcwn-8P5eqaX2nP-JMHoQsYPlmz2wHvkFaJKNhE3aOkugI9QIOTGuRPIZC9F0XUBMCq17kRd0v2s4zwkNRoWpqhQ57NGA0a2Fw7rZliyeadGb21hkka0N4eLUWkOulLF7Cr68e8LzGF_DCgSztPNhmbn6dO7GMscoYwk7pzOw2uzQ7l7VRTyLIC4xo1iLtG9FxoBeWfPDYhANWnQEiv38_WeoHgDM4XYyxIln8fCktz-9osuXN_DJAuPdFY2mS1pg3zSYv0GxOj14Mq7rlJTthtDu6ESprIiWt8xYj0qz_Oan3n5ghpqa7Bp8lYRNDeIAKjrB1gmPPCVQrUgdjB-uSTwkB3-TqQaqLxgkz4Zyh2Yk4a_iJLAv7q99zkmo2vHIaxWiIIEe27EmLbHA7NeV-d9v_c1eaEmJf2gHbIdUWQWJfEnwc2SaAdEoToxyA1lEjQ9dyElcYoWkOgKStFUedpqAJHqSQuMj8g-QNrnhVsz2sY5JyoiFOCGsGXwRLDpXnAFzXWqye_LUwPJiVuMF3HhWtxAoNRUrk8JWMWIAXJPKCxRXiluymaKwhPBl7j0-5Lf-oR3juSsPngDcipztdWPIeFNkngSJRI6nWe1HD6l7vu-29G6pEC_qO2a16sR6y-Rhvu32obM6NblL32-QiPfA0SuevQf_1_S1SMKY-DTM9V-84knVIJyeyxc5tmSqbsG4GvFqOm1iJe5KOttE2h5O_RMjTCZYpH7U9q71xVlUgKQS7uj_1SPifSViOUueBJ-yfz7S5lZ4nuvD0j-mNEo5TWpihBw_jmqiDAU2zG3LiiU12krkPYyQRFzvBYZodxCtCEUvnCctRSYWR95ASSlV4Ke_bE6Onf7j3nktM7eZdsUID3IwnaV3itGhoso6nNFhbw7_5yDQqWMj6NPiF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9312 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=1976443460035150&bg=!l5SllNvNAAa6D61Rmg87ADQBe5WfODKR3bILs_MTAospb1AMoFLp5k-ZmeX7Xo2B795NuJJVLFrbGG2zWRWD-Y9n7VYZAgAAAN5SAAAAB2gBBwoAjmZY5ndkgVJmHR6mkjmwwfIWdj_5ooc0E-Nb_a3wFb4FpiB5OR9HkGDF-IXk8l3E_YS_twQ1_EFXe6wlFlDwqgSJswa6zUkzfwSNSC8o1LFm8aeXQexI2YFB3VogzVOSG-SZBhGwZs1XP8JffKWUk5xkifOo0KG4hmu4s3gVS3irP5cucBNAt7a8XwIOKZ6ZArwpsQ6X43yV7xymlCiibz47eXfsUpLxjjMohn6MJwQULILiOQwxNGVk7ckKn5id9dKApaEMVwvaN2T-4wFalaakBDlJWp5QbMy-WjDp1IJHMxtati2NlUgXK5__bDSAqR-C4r8o3UiCSCYzvkXiOEsriixxVt2sPU2jDh3SD3fEsqiI1xhFo-HWO3_eUKz4KuLRdbrQyYVOTjgEzEXIVSd978cTbVNcV6nnfnRkTyUIgpX3B8o_MYUf2JSHNoOvYNm06d8w1-3AsCQz7fV3TklJTnSF5uwgjui6abXDTaibZ4Xm2WEJ3iVAPRMrh6nNerCMJnKojRmkZ9_FweOofqPQoY1bimIJGY6uXjDIdl_cFXqlrrVwZOzQKrzHqhOvbPrr46T5du-e9MiDVGe_nhlrAPp4qUq0xuDyRZ-s8nKto3u5zoTwNWTDMB1vYphW4UKleGYcs9Xrsp06RIWCjDD3V6BvUPNlLmPeEH_227PFXcbEFxXLCp0eOPmWxxrXM5xzp2Bid0ItEsIL8l9JCLluh03ja62Qv58sofXP9vD5CvSAuzkUZBoPyoGZrD_dyOdlzbZ-MuoaT6mYC7HWn9MjpJPpiINImm7OB-Bz_dJME8qs9MN52DamRS-3fD-FW6UnZTzOPavX0foaqe1mA5JjLMICspKrcuPxyyHjf9muMwXI6EDnXgPXzpcql_N1ZofmKkRvHkSTBMni968jIkK86WKmj647hMkiWIYhK4X9y0_obu_ATC5CehC5clPotO4nPNJ9xqxteoOfjOKpzGL20xvLVMxfQZQFPUiyOjUnDSDAESzlYgvLi9eYGiQ2ac6NZHZLRNw0lvS2E30mL-_xM_jjPPjsRavqg4I09PAwX6HZLJaSesfnzADHWHydLUF9X-JeZSi_ngpdM9NUfiY0w6HTCH6O5CIJXgym
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 1A70 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3533595de3c25abc6157218bbb4a802130742ed36b1dd8daf9c183dc0fc7230a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2023 06:57:46 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66218
Connection
keep-alive
Content-Length
10211
Expires
Tue, 12 Sep 2023 06:57:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240102&jk=2213891146708900&bg=!2Nul25TNAAa6D61Rmg87ADQBe5WfODhjb16vKK3AeY18FaE6hPemx-EIBVkweZI5XSBtcCwbevVkEQ0v0ypbPboe-PMeAgAAANNSAAAAB2gBBwoAHpxWs30NM4v5JYjtCSORD9a9BDQ6NslYUaWwJqmWIJkCvKsxL5H6WCbJNKurM2oSqAxh-KFlSOGWfTrmJbFRHPoGaw2Xt10BNLl_rrjiT1zHrXOW0lLwtQVOI37bj-9CMJMtlkbeZy6LFau8iaBYyiE6ad8d54XAhuAAbahbpSKPhAZzj8q5okuqxsNbplUOot9Xl3wpJUnwW3XTQI6SXmRE1fYONGEPrGBylszhPa9eynO67LNA0MN8bQtrPkcvB2kUJ6_l32iiuBv1jXEgr6nLlCbo4DkEr4pyKrp_CnoW7lQWs_iWJFO5YGC0f4Rns0vXli88mqBReTfFCU2oHYdK1ezVTYFL-N_vb63OqfUc7x15L9d6yIAIe07EvY6-11tIfq47KLJ92fAwKa4quD8TfGD-wddrGjeghMct42nvb70DiFZq-o_vzAtWeu38dtvLstUorduQOvO-R8i7kECZPaAkIgZFFqTuYZTGgS5s5OiAgkNnaygQvDvdeUdbdBt5KsnoUp1bHG63t2H-K3Seic6MJnBXAIX2G-e5hYUssKaIu7uePmQ-Dq06ondSMMUu5a9DcIOrOI9Hf2nGeLuvQAY11wZoznywpwMkCTmCj35GewXouGd8NdyV7aX-amy1c80Yq-kDstmuKSVgCpODrxwSJrRqhI9f7XQhKS4yy-1NO_b1-Zo65JiPO4uoJJy3ZnrPWbjmTndtkUudFOfZKT9j2TnfWLJJ0wzcjX1GMneBNaHucLRB-61dLkPHG7pL-4suXpxTF0GMYPMtNj0ko4Tj9i2J0e2-yMdROCmg1dA5ft2rJ9nklzQrRAVQtedao3hMTsqMRKCeW0LApYGibPP1vNyHtuzSrhtaJMU7iB2sBGjMPaXTwwYN8bhZdDVDoqWJ0Eor3CaAcfbuHwOTxh-NX-u56xKyCLw5cNoaJFPWVcNYSwQgrB8bZMylsUhKMVsz3vKLEhgG0QM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame C144
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=550956088
  • https://sync.1rx.io/usersync/turn/3021665372246275692?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-ec50676d-f298-4393-981b-489...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
0
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1b03ae69966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Mon, 11 Sep 2023 12:34:18 GMT
etag
RXec50676df2984393981b4891db2fa7c3003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-ec50676d-f298-4393-981b-4891db2fa7c3-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame 3DB5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:17 GMT
expires
Mon, 11 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
728488
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame CC21 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 11 Sep 2023 12:34:18 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DHBSFMM35GP3P0AKB7B1
Pug
image2.pubmatic.com/AdServer/ Frame D3C1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 11 Sep 2023 12:34:18 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame D67D 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 11 Sep 2023 12:34:18 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EAFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U7wMi2yeQraPO9_e36IMsQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=24308
accept-ranges
bytes
content-length
5606
expires
Mon, 11 Sep 2023 19:19:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame EAFE
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.61
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.21.137
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame EAFE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1302039167
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1302039167
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
via
1.1 google
last-modified
Mon, 11 Sep 2023 12:34:18 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:17 GMT
via
1.1 google
last-modified
Mon, 11 Sep 2023 12:34:18 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1302039167
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame EAFE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTVhREdIYTYwZklSb3FFb3lKUDl0ZzZ6UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3967674464741924942&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
44.206.88.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-88-126.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 11 Sep 2023 12:34:19 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 11 Sep 2023 12:34:18 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame EAFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTNCQzBDOEItNkM5RS00MkI2LThGM0ItREZERURGQTIwQ0Ix&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame EAFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPFEg4qjtijcgqOLcA3tS8g&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=631515c94a0a16e5&is_secure=true&networkId=17100&version=1&nuid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIIkVofGBZvwM8yb47AAAAAAA&expiration=1694522058&nuid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3021665372246275692&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c77113ac-87f2-409b-8e20-bd9869d8554d-64ff094a-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Mon, 11 Sep 2023 12:34:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame EAFE 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 10 Sep 2023 12:34:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EAFE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3967674464741924942
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3967674464741924942
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3967674464741924942
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame EAFE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EAFE 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame EAFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UYF4sf9E2uVUNTMOtAdWGjtdG.o7sOA-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UYF4sf9E2uVUNTMOtAdWGjtdG.o7sOA-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UYF4sf9E2uVUNTMOtAdWGjtdG.o7sOA-~A&gdpr=0
date
Mon, 11 Sep 2023 12:34:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
08ac9396-bbfc-52fe-9732-98e0f3cd91ab
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 8FCC
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=577376535648684461
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/08ac9396-bbfc-52fe-9732-98e0f3cd91ab
0
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/08ac9396-bbfc-52fe-9732-98e0f3cd91ab
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1b75b929966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:19 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/08ac9396-bbfc-52fe-9732-98e0f3cd91ab
usersync
usersync.gumgum.com/ Frame 1A70
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMEV8M4R-1U-JSRL
  • https://usersync.gumgum.com/usersync?b=mag&i=LMEV8M4R-1U-JSRL
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LMEV8M4R-1U-JSRL
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LMEV8M4R-1U-JSRL
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
Expires
0
5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 5F7F
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
0
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1b1cc979966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 11 Sep 2023 12:34:18 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/5836908490248cbb9c1e0869632dc36e2e9f24108fe3974f95361aa2f40fe23b
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
cs
cs-server-s2s.yellowblue.io/ Frame 5B61
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
3.234.116.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-116-116.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
date
Mon, 11 Sep 2023 12:34:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/universal/ Frame 5B61 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
cs
cs.yellowblue.io/ Frame 5B61
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=8cf949d9eb42688341a39649a18acb0&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=8cf949d9eb42688341a39649a18acb0&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.213.151.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-151-23.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 11 Sep 2023 12:34:18 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=8cf949d9eb42688341a39649a18acb0&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1694435658108081-332
Expires
Mon, 11 Sep 2023 12:34:18 GMT
sync
ads.servenobid.com/ Frame 5B61 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=0EwB1YT-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
3967674464741924942
csync.smilewanted.com/set_partner_userid_get/adform/ Frame A0FA
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3967674464741924942
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3967674464741924942
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1b0cb879966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 11 Sep 2023 12:34:18 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3967674464741924942
server
nginx
752eecf13974878c386c923ba072665d
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 6939
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/752eecf13974878c386c923ba072665d?gdpr_consent=&gdpr=0
0
388 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/752eecf13974878c386c923ba072665d?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1b07b2b9966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 11 Sep 2023 12:34:18 GMT
Expires
Mon, 11 Sep 2023 12:34:18 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/752eecf13974878c386c923ba072665d?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1694435658206058-368
v1
match.sharethrough.com/universal/ Frame D6C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.247.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-247-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Mon, 11 Sep 2023 12:34:18 GMT
ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame 3215
Redirect Chain
  • https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
  • https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
804ff1b27e139966-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 11 Sep 2023 12:34:18 GMT
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/smartyads/ab1f81d4d83d79149d5ab8b30b479378eb02bf2689b0b5cec7ef8b9878eefcfb
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
async_usersync
ib.adnxs.com/ Frame C4BD 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:18 GMT
an-x-request-uuid
7d85b92b-51c0-4ace-8e69-7957618a89b8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-2&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655693&cid=1101362&pid=169092&p=dEpsYlowIa8k4C3PbOQsxYly8jnK4O0kWsG0eavdHrkXhuyqyu8AAbHHaXRD5y2NLHDEl2HnvVRlD3Hq-pafGtNdsRP0gxK19rFr5PwE_mNfzVXNKONVbAx6G2ySJF9B4DPin27p1GhtENwXH7Cpi09AtOMuSNXPXlEiiv5S3TXRDErgSOTIk4gVxBiefuFSl2FnTBe2JzE6BkmDScdXFr5oGFSQpN5a5lobfIvH1BnLArX8VF9kgJUS0mkQqCMqU4vwh6fBSWUexcPuy7K9D5XF9E4-TJGrH5qoZErh6eRB6GKW147jlCm_152k2HEXIS_PzM3nxRjkHzN_uvS7Yyx4Et6kEukga5Xav3MHta4hcg&cs=722961473425831774205&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-3&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655693&cid=1101362&pid=169092&p=4fl5J9lYKEZbB367rRSCfIDfxDNh9_GUtCSHkaNDJpO3p0PI-O8zewA6PQ3bblTLEWpye93UjnYQu1S6kRKKEKfKDLC-DwdEro18GXYS-LTJKiryG9kkdW-bf1NHJ15VaLQFQ0I2ABf2NewfBrp2oKsBO4yGXL0Jg93OLt58pOOe_dZnd54Q6vGMzpm76UaQYQC7yWrAz3BZ38R-vXeeycIhutWEp81XiI7UaOYS8myq82GBiOKvi8OH2DLgA5AMAAhIVWePom4UrdaZ_9mf9yN_igs_GdWQ7YuCzvaS6rwXdrYFKiB-LF_hNBc5wSwUQIEDV1LsOu4K6I8bJGIRXG5PepGaB7D7xTUxDwQjUlLHpw&cs=45199016105815293105&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame EAFE 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:19 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
jAcd8JK4PxyYuTjIiRH2O9NUmkuGZRMlTca1PY21xPhUv2LnhqoVfIzEzL%2FynD3cNIywxnlHZ0Ot6hg1MSxyNjcUO7WwqBSvKt%2Fxuzt6dr1QFtUBcC0QFZ4BMWzp87SdqZDfBC1iwvcOIDE5UfK4%2BpfOqhHnTNzsztxFUnmnN94O8q5rqgPaVhcm%2Bmvf3...
ad.vidverto.io/delivery/v2/content/tracking/progress/1811/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1811/jAcd8JK4PxyYuTjIiRH2O9NUmkuGZRMlTca1PY21xPhUv2LnhqoVfIzEzL%2FynD3cNIywxnlHZ0Ot6hg1MSxyNjcUO7WwqBSvKt%2Fxuzt6dr1QFtUBcC0QFZ4BMWzp87SdqZDfBC1iwvcOIDE5UfK4%2BpfOqhHnTNzsztxFUnmnN94O8q5rqgPaVhcm%2Bmvf3efsa4Qa%2FVGPAhyF%2BxGMypTsww%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:20 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=1819538051&cid=1931317642.1694435653&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1694435655&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&dt=%E8%A1%80%E7%99%8C%E5%A4%AB%E7%97%85%E9%80%9D%E3%80%80%E5%A6%BB%E6%8E%A7%E8%A8%B4%E9%86%AB%E5%B8%AB%E8%A6%81%E9%80%80%E4%BC%91%E9%80%BC%E8%BD%89%E8%A8%BA%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=11593&tvi50=11906&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230910-15-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
62
date
Mon, 11 Sep 2023 12:34:20 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59892
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230134-FRA
pragma
no-cache
server
nginx
x-timer
S1694435661.711791,VS0,VE62
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame EAFE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93424792&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
15340b82f698f3c468515a97dbbe8a4004a9edafa4c29408919b809d8d0b48fe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame F4D3 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 11 Sep 2023 12:34:21 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6DFC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5233787502523251788&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5233787502523251788&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
5fd511a0-0b76-44c2-841c-4e5b6e3488bf
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5233787502523251788&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 72A9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
42 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Sep 2023 12:34:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=c_nnShwtVAh8MbEa5ZaC-C0M3qw&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame D8A6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277545749176252559&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277545749176252559&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 11 Sep 2023 12:34:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7277545749176252559&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
bridge
cm.adgrx.com/ Frame 53FC 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 11 Sep 2023 12:34:21 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-2
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 7514 		85 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230112-FRA
x-timer
S1694435661.100633,VS0,VE100
Pug
simage2.pubmatic.com/AdServer/ Frame 3DEC
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 11 Sep 2023 12:34:21 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 9B4E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFRmpVN0pfaE1BQUNXY1prVnFMZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAEFjU7J_hMAACWcZkVqLg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEFjU7J_hMAACWcZkVqLg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEFjU7J_hMAACWcZkVqLg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6626216922757665288&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEFjU7J_hMAACWcZkVqLg&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEFjU7J_hMAACWcZkVqLg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 11 Sep 2023 12:34:21 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEFjU7J_hMAACWcZkVqLg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 369E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU75d3fb94fc184e0e8f41c19f04ab1166
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU75d3fb94fc184e0e8f41c19f04ab1166
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU75d3fb94fc184e0e8f41c19f04ab1166
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 9ED1
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
42 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 12:34:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame C9C1 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 11 Sep 2023 12:34:21 GMT
mw
mwzeom.zeotap.com/ Frame EAFE 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
804ff1c2380c03b0-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame EAFE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:33 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:33 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame EAFE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=ec949265eef87fdc
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=62de7bc1-0a00-4bcd-419e-a899a2e0b775&reqId=4440f7a6-0c07-4a58-5e92-4654027c71e7&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAqV2I73ouwVfisZnt7Xe5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=62de7bc1-0a00-4bcd-419e-a899a2e0b775&reqId=4440f7a6-0c07-4a58-5e92-465...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAqV2I73ouwVfisZnt7Xe5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=62de7bc1-0a00-4bcd-419e-a899a2e0b775&reqId=4440f7a6-0c07-4a58-5e92-4654027c71e7&zcluid=ec949265eef87fdc&zdid=1332
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
804ff1c3197503b0-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAqV2I73ouwVfisZnt7Xe5U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=62de7bc1-0a00-4bcd-419e-a899a2e0b775&reqId=4440f7a6-0c07-4a58-5e92-4654027c71e7&zcluid=ec949265eef87fdc&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmaticmatch
match.adsby.bidtheatre.com/ Frame EAFE 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9AB5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11960618&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4cc2cdf175e8d4af60917a984f30c313a32ffe85a9162d6529504af7eff23410

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 11 Sep 2023 12:34:21 GMT
content-length
1768
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 0AAA
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526324084040
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526324084040
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 11 Sep 2023 12:34:21 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588526324084040
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cm
ipac.ctnsnet.com/int/ Frame A8CF 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 11 Sep 2023 12:34:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 67A5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=557907400668329831
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=557907400668329831
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=557907400668329831
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cookiesync
core.iprom.net/ Frame 4BAA 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 11 Sep 2023 12:34:21 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-6b468a76b43e@version_1.569v3
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 3EB2
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=ec949265eef87fdc/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a689fc08d5b338ae9beabc1d75779a03&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznjRWRXUVnnMSTMQj&gdpr=0&gdpr_consent=
42 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznjRWRXUVnnMSTMQj&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznjRWRXUVnnMSTMQj&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E44D
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=o28wl4nm9rjs
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=o28wl4nm9rjs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 11 Sep 2023 12:34:21 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=o28wl4nm9rjs
lws
123
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
i.match
a.tribalfusion.com/ Frame 4237 		43 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
804ff1c23d985272-MXP
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
pub
matching.truffle.bid/sync/ Frame A9BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 11 Sep 2023 12:34:21 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 891B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:50BD6F1CB66849598C0773C882236912&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:50BD6F1CB66849598C0773C882236912&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 11 Sep 2023 12:34:21 GMT
expires
Sun, 10 Sep 2023 12:34:21 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:50BD6F1CB66849598C0773C882236912&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 9CD9 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 11 Sep 2023 12:34:21 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 9AB5
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5233787502523251788
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5233787502523251788
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 11 Sep 2023 12:34:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Sep 2023 12:34:21 GMT
an-x-request-uuid
c0af4c14-fbf4-45b1-98c5-374cc3d12968
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5233787502523251788
x-proxy-origin
45.12.222.172; 45.12.222.172; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-4&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655693&cid=1101362&pid=169092&p=gQ2a3KqrFS1wM0AdDyNQcF2YUHdiPUfllt4KGwDrKPouEeRv5xFnadYHqD1WYfHRhEGhyZjCIJZq4hLeF9QqyH1afTlbT8MpaUheRlHCm_2hg-s4R1GT8n1Stq8nzQX4iFdGdeFwhMshIYg7JbG6SmmrLGD0hx8J_1gHo_noSz9t8VUFvqgTBwW-bsg65ofj-Pr4Jmq96RxZhyrTj4-vu1LWoi0uBazYf9grXUFLsHpL4TkaTUQ3OGF3Z5ICqpppMWmK-VsthVE5FEt7p0iFp9WLnFZwMW06fA9OUT0fkSj_IZMcwFs7SAaAtHsrICiqEHuYIWq_TXfCh7y8nSG_e_GJLMLqYmZ3R241Qchi5XL7bg&cs=376947744806178963105&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-5&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655694&cid=1101362&pid=169092&p=v9Ds7lVPe1gzFzQV--iizjdhPbSZaHS2KwhbuMf4frh0chBtdThiWT6UycnyYbsRFYpWEf3O8JeqmjQLOYt9Bgfwkr7CMs9BzzvjaCysDCb2h3n8WZVcQn7_CpZl4oiqvcpnUPlQ8fWqhTKVaguietaMYx-uKcj62EWKR1-aWM3uImHS7M6hLhT5rWMGPbIqZFXeQsvrSck6JhYINIjsTBbYE0uEk6bm-IToaNEI-Wc78_uGDNPgTq2je6rdyYsgQZTU7BpM8uTNv3AplbJGdzfiNUCBP8P43ak__fLAPfwgwcdYQG14Axnn2xL6RDViDPv-rI6CgZtEjqPbnjD2PNbr25LIb78nW2eRvW4SiTmGlQ&cs=-580276617378232337105&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:22 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=firstQuartile&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&cph=00:00:05.014&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655695&cid=1101362&pid=169092&p=Qe1vFYcCzVywQlBtNOZ34MuaWl5EpRJuULDN_R0nuez8y3ij97421dXzzK_zYCD9HSIu6jxf2wShol0XWkD0CLyM3OtwHQQDVZGBVjrhTStNVn1AIFNEhFXv1_ITMmrrruW0tkXjwROKk0Z2tHv4159oBRML3b6ChB9UKbkwnyCX35IkTx5diI_gZ5wgwOLTEnuouVxijZQsAYKFKHfZivSoKa6fYrsZh4H79C2biLa4n_tbEFaprwzUgNMk8lj8A7IZz1SpfmwV_0YLAEpKd4F5ww2fsRcyod-Ru0CyLE3TrZF4SxBkBAILZG-mcui2jrR4_ojOIhe3zqS9Z9PYDgtTgzUnyKkLJ5C-Bux6CIcjGQ&cs=307313402971000385605&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:22 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ads
googleads.g.doubleclick.net/pagead/ Frame 3CAF 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-2613695223671390398&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3921&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=4007446&ga_hid=1819538051&dt=1694435654264&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html&bdt=1660&dtd=53&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 12:34:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
track
t.teads.tv/ Frame AFFD 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=progress-6&vid=dda1694e-37ca-4de0-b5a1-6d30c645324e&gid=1028799&studio_cid=7dd732d0-458b-11ee-b8ab-e36d8956f1ce&piv=76&ut=1&hb_provider=prebid&psid=415253&auctid=6cb247c3-d4af-47d8-af5b-93402999ab0f_50b45b42-c1ea-4c9e-9f86-d8579626f5b9&pscid=20204&scid=7024&pfid=72&sid=174681&env=js-web&hb_ad_unit_code=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a&cts=1694435655694&cid=1101362&pid=169092&p=VHyPatE0EEwB1s_VqwuszDs6AYtLMGEqtG5XQ_ZqQgyWVn2r9actoGSuYM8ggPEQrxu54aqgFT5iiykr-xsatOPfjC95r2i-E4Ek6tWUUtHPrv7xHfZioz0jKsZt3O2RIp9culGyB4yAXecTep7hi-pWneLY4-jY3IMR9AnPWOt4onlN762vUjfc0SuHeBbtAmMGpKc8YnnivdaGUlcEXJDSrWrD1g_KskCgGkCqWk7BmIRKJZq3dgBduSwHHFPok8QZf4-dWMK7NJ177MepQN39PuNckhU-jjB5dyo5ZwBdhDsnqbWhQ1CKIu8d7GN3OzKxe2yCiAJBlzhXQSsLO3yVh6m0IF08HjBP55JSm_8J3A&cs=60466948518543205705&slot=native&fv=1247&plft=apa,apnf&referer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Mon, 11 Sep 2023 12:34:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
SPug
simage4.pubmatic.com/AdServer/ Frame EAFE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 9AB5 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 12:34:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d0d50f2eef588c4b9a433f26592537f2.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1add04a6fe476698cd73325251b15f1e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/f69c8bfe947b1bc3984872f5c92016b7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2a7161d2f157c7a8ec00d078b00b1d89.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0536e31da02df323003e02f68b69bfe7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d78d08ed78dfb3d8bc7ee7433bb5fa9d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8394544561144e0503acd2d50a4b0931.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/88f470df1c544a47fa7d12d30ab7d883.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4a314cb55d2d5974176462a38409bb28.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/12d9663745c4581d70256aaabb2268e6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2220e2c3ede1d25530f042fd31a6f726.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/21b2dd4831e86c96fdc3bd9e72b962b4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9a7d61c717966dc5601e5d5e77d53693.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/5931caa0994aae64008d8f18ad864d71.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7937c34a45aa6905c07e45a6c1d917ac.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4b8828759f8f622bd604225092ff65d4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ef5ab6562b0a05e563f9c64dc511050a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8025df046afa88b34db69816e27377e0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b6a233fb1069223c040fd5946ca18bf3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ec7df35cbdd3110c95d48e18cc80a375.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/aff4ed067fc9d4a6b0c925b4148644ff.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/535ee60ad8d855408997af3c7ee3b89c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5e6c68a457e7945f6603ac5ebb31381c.jpg?w=150&h=100&q=100
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| documentPictureInPicture object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _statcounter object| TRC function| _typeof object| _tblConsole undefined| msg object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover object| ggeac object| google_tag_data object| google_js_reporting_queue function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| google_measure_js_timing number| google_unique_id object| gaGlobal number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags object| aries object| google_reactive_ads_global_state string| nam object| placementData object| ucf object| request object| _qevents object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN string| paramsString object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries number| ampAdGoogleIfiCounter object| Criteo number| vidverto object| regeneratorRuntime object| aries_registry number| ampAdPageCorrelator number| _cm_wfCounter object| cmTag function| quantserve function| __qc object| ezt object| _qoptions function| IMA function| VidvertoPlayer function| inView function| VASTClient object| vpbjsChunk object| vpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| _aries object| inViewWindow object| vidvertoPromiseCache object| closure_lm_680354 function| VidvertoPlayerVideoPlaylistUI object| closure_lm_762013 boolean| noPreviewPage object| closure_lm_842579 object| google_ad_modifications object| google_prev_clients object| dataLayer function| gtag object| listeningFors number| 3pla object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| GoogleGcLKhOms object| google_image_requests

188 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1694435653.ECD9D7C3DC214F0AD63A802E6007B2B4.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1694435652.0
.statcounter.com/ Name: is_visitor_unique
Value: 1694435652285908881
www.bg3.co/ Name: __AP_SESSION__
Value: 5a31ad09-e298-4dc6-8c63-43e21b23df28
.bg3.co/ Name: __gpi
Value: UID=00000c71d2ea5162:T=1694435653:RT=1694435653:S=ALNI_MYT6Vh6T4H89y6jhRrUY6HZHhIwDg
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D11b8c136-8c59-435c-b09d-036f962df0f5-tuctbf88ec5
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: a2d2d63e-0c15-4ae6-bcfc-093d094a8f63
.doubleclick.net/ Name: IDE
Value: AHWqTUmSZ2Xklskb9y68hkp3oIbc9M516GsIGqOtKxB5mIYxkSwo7J2cMt-p1a1wDV8
ad.vidverto.io/ Name: moxuuid
Value: 750e6d7a-a347-4c62-ad15-f9ef4ad23f9b
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1694522053
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1694522053
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1694522053
.prebid.a-mo.net/ Name: __amc
Value: 1_1694435653_1694435653
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwxZL8pwY4AUABSAEQxZL8pwYYAA..
.adnxs.com/ Name: uuid2
Value: 5233787502523251788
.rubiconproject.com/ Name: khaos
Value: LMEV8M4R-1U-JSRL
a4p.adpartner.pro/ Name: apuid
Value: 732bb4d7-e2e1-469f-bb8e-7794a3d024ed
.aralego.com/ Name: sspid
Value: a8e44f0a-5198-33c7-8fd9-6f3707dae864
.teads.tv/ Name: tt_viewer
Value: dda1694e-37ca-4de0-b5a1-6d30c645324e
.bidswitch.net/ Name: tuuid
Value: 41d2615c-4204-49d0-87f5-f4cd3d0e3ac4
.bidswitch.net/ Name: c
Value: 1694435654
.bidswitch.net/ Name: tuuid_lu
Value: 1694435654
ad.vidverto.io/ Name: adpartner
Value: 750e6d7a-a347-4c62-ad15-f9ef4ad23f9b
.quantserve.com/ Name: mc
Value: 64ff0946-2371f-44566-2740b
.bg3.co/ Name: __qca
Value: P0-1714281035-1694435653873
ad.vidver.to/ Name: bidswitch_com
Value: 41d2615c-4204-49d0-87f5-f4cd3d0e3ac4
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBEYJ_2QCEE0D2lsAUl2Xcb0lDe6HU4AFEgEBAQFaAGUIZQAAAAAA_eMAAA&S=AQAAAm_zYYJm8jAnJXWM_gh9tmg
.aralego.com/ Name: euconsent-v2
Value:
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yieldmo.com/ Name: yieldmo_id
Value: 3RFmVeekkxe_ZeCsyf_0%7C1694390400000%7C0
.adform.net/ Name: uid
Value: 3967674464741924942
.omnitagjs.com/ Name: ayl_visitor
Value: 313c806812dd1064840e01e9d6644e4a
.go.sonobi.com/ Name: __uis
Value: cca87155-71f9-4bc6-8f6f-05bf8e7a8467
.lijit.com/ Name: ljt_reader
Value: HTaSDGZHE4wnbW0ERWeKz3eo
.linkedin.com/ Name: bcookie
Value: "v=2&290ef894-ae40-4061-840f-68dd161362b2"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQ0MzU2NTQ7MjswMjG06ff1httiux+t4c5N4HTNGCeuFnnvAUBdp3sRmPVuJg==
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3044:u=1:x=1:i=1694435654:t=1694522054:v=2:sig=AQE75X-XylXRRKzBnVLCxgTn1Q1zLHFJ"
.amazon-adsystem.com/ Name: ad-id
Value: A1UqRLcTM06GmEIbYKdfyuU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bg3.co/ Name: _ga
Value: GA1.1.1931317642.1694435653
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1694435655.1.0.1694435655.0.0.0
.bg3.co/ Name: __gads
Value: ID=050c352e40c34459-2268725c6ede0083:T=1694435653:RT=1694435655:S=ALNI_MYxHHkRDDdxw6RTktsYSwpFD39_SA
.teads.tv/ Name: tt_exelate
Value:
.teads.tv/ Name: tt_bluekai
Value:
.teads.tv/ Name: tt_liveramp
Value:
.teads.tv/ Name: tt_neustar
Value:
.teads.tv/ Name: tt_salesforce
Value:
.criteo.com/ Name: uid
Value: 306636ff-5852-4183-8b4a-f84dcf9faf77
.agkn.com/ Name: ab
Value: 0001%3AI3MYeAObmSjJPucU%2Fcb8GtkTdYlyncob
.krxd.net/ Name: _kuid_
Value: PyiXD0PF
.bluekai.com/ Name: bku
Value: m3X99WQJdtHRPGGL
.w55c.net/ Name: wfivefivec
Value: 3yHoiDvv1QFG7m5
.acuityplatform.com/ Name: auid
Value: 826005494477
.w55c.net/ Name: matchgoogle
Value: 5
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRSEHRBuOmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUhB0Qbjo90aGlyZFBhcnR5VXNlcklkWkNBRVNFTHVNUU9hYkFPTW80dE1GWlZkQVk1Rfv7hnZlcnNpb27C+w=="
.googleadservices.com/ Name: ar_debug
Value: 1
.smartadserver.com/ Name: pid
Value: 6626216922757665288
.bg3.co/ Name: cto_bundle
Value: tAH1P19qeUZnWmQ5V3VIcmRxVXNVVVMwVjU2TTE1VGZGNlUxYUxZa0xDTWFHYkozQlNvVTF5dWJJMk9UeDNMVU9sdk1NSCUyQkkzcXRSZHphYzdmQjdiRndSJTJCUWJZb09iRm9oZ3Vad0RadEMyTVVXMm9haUlqTmV6T052cWJERCUyRmUlMkJHZlg4eUczJTJGSFUlMkZKM2FocHNHM0pxRVZZYkElM0QlM0Q
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-11T12%3A34%3A17%22%7D
.openx.net/ Name: i
Value: c3aadcdb-0612-004b-3058-20c986f1a9bb|1694435657
.openx.net/ Name: pd
Value: v2|1694435657|gen0vNvQiygu
.casalemedia.com/ Name: CMID
Value: ZP8JSb9F2Gk.yDTXMxwhQgAA
.casalemedia.com/ Name: CMPS
Value: 5258
.casalemedia.com/ Name: CMPRO
Value: 5258
.servenobid.com/ Name: pid_317
Value: 6626216922757665288
.gumgum.com/ Name: vst
Value: e_2f035c10-e63b-4afd-8d71-7c710d283d44
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 5233787502523251788
.servenobid.com/ Name: pid_333
Value: ZP8JSb9F2Gk-yDTXMxwhQgAAFIoAAAAB
.servenobid.com/ Name: pid_337
Value: y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.servenobid.com/ Name: pid_339
Value: y-zU7a.SlE2uEvQFJ1XzbiH1hDv0BPLYvYCXxGM9I-~A
.smaato.net/ Name: SCM
Value: 3d10188f64
.smaato.net/ Name: SCMsas
Value: 3d10188f64
.minutemedia-prebid.com/ Name: wrvUserID
Value: uf6BQDTzkp_mm
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjM2MjGwMDEwMRDiM9QN8PGNsNA1K_dwLfADAOzh0KclAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MjM2MjGwMDEwMRDiM9QN8PGNsNA1K_dwLfADAOzh0KclAAAA
.servenobid.com/ Name: pid_309
Value: e_2f035c10-e63b-4afd-8d71-7c710d283d44
.servenobid.com/ Name: pid_310
Value: HTaSDGZHE4wnbW0ERWeKz3eo
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
.contextweb.com/ Name: V
Value: pAbGTa6N6sPG
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7d12c197adad9f45
.servenobid.com/ Name: pid_353
Value: 0000EEA
.creativecdn.com/ Name: u
Value: osix3W7DkZuBqGTUiPiu
.creativecdn.com/ Name: ts
Value: 1694435658
.servenobid.com/ Name: pid_324
Value: 5144588526324084040
.3lift.com/ Name: tluid
Value: 742876909853207093297
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZP8JSgAPdnzS7QAN
.servenobid.com/ Name: pid_348
Value: uf6BQDTzkp_mm
.metadsp.co.uk/ Name: ruuid
Value: d377ac1b-129f-4658-9447-feed8008c559
.metadsp.co.uk/ Name: c
Value: 1694435658
.metadsp.co.uk/ Name: ruuid_lu
Value: 1694435658
.quantserve.com/ Name: d
Value: EMYBGAH2KfijCJiTCuu4EA
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2dv0:18z8~2dv0"
.turn.com/ Name: uid
Value: 3021665372246275692
.servenobid.com/ Name: pid_316
Value: 53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ec50676d-f298-4393-981b-4891db2fa7c3-003%22%2C%22nxtrdr%22%3Afalse%7D
.go.sonobi.com/ Name: HAPLB8G
Value: s8632|ZP8JT
.yellowblue.io/ Name: wrvUserID
Value: 0EwB1YT-Cp_s
.weborama.fr/ Name: AFFICHE_W
Value: okwffx8XNh6i14
.richaudience.com/ Name: pdid
Value: 0d572816-e041-450a-93cc-1zz1694435647
.simpli.fi/ Name: suid
Value: 50BD6F1CB66849598C0773C882236912
.servenobid.com/ Name: pid_332
Value: cca87155-71f9-4bc6-8f6f-05bf8e7a8467
.servenobid.com/ Name: pid_352
Value: 0EwB1YT-Cp_s
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN&KRTB&19420-AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN&KRTB&22979-AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN&KRTB&23403-AjqK5gQ32LYZPN-3BWjBtAA72rYZPNu0BGxqoYIN
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPFEg4qjtijcgqOLcA3tS8g&KRTB&23025-CAESEPFEg4qjtijcgqOLcA3tS8g&KRTB&23386-CAESEPFEg4qjtijcgqOLcA3tS8g
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3967674464741924942&KRTB&23263-3967674464741924942&KRTB&23481-3967674464741924942
.360yield.com/ Name: tuuid
Value: bfa793fe-5bd6-4e4a-aead-b2202346f7a4
.360yield.com/ Name: tuuid_lu
Value: 1694435658
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ec50676d-f298-4393-981b-4891db2fa7c3-003%22%7D
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-c669641f-8e08-31b6-ac60-f89a647c57ec
.bumlam.com/ Name: suuid3
Value: IiQ4NjkxYTYwYy01MDlmLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.dotomi.com/ Name: DotomiTest
Value: 631515c94a0a16e5
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: a689fc08d5b338ae9beabc1d75779a03
.admanmedia.com/ Name: admtr
Value: 99d34ffe-6936-4f50-a951-df488c2b5870
.richaudience.com/ Name: avcid-bsw-uid
Value: 41d2615c-4204-49d0-87f5-f4cd3d0e3ac4
.zemanta.com/ Name: zuid
Value: Vu556JS18JTqeIP0j08S
.outbrain.com/ Name: obuid
Value: 847ef8ab-cb54-4bab-a295-5616e23d3944
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-41d2615c-4204-49d0-87f5-f4cd3d0e3ac4
.servenobid.com/ Name: pid_328
Value: 99d34ffe-6936-4f50-a951-df488c2b5870
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIIkVofGBZvwM8yb47AAAAAAA&KRTB&22713-AAAIIkVofGBZvwM8yb47AAAAAAA&KRTB&22715-AAAIIkVofGBZvwM8yb47AAAAAAA&KRTB&23519-AAAIIkVofGBZvwM8yb47AAAAAAA
.ipredictive.com/ Name: cu
Value: d6b8d5df-b882-4872-9d92-f42e34d0c7a3|1694435658363
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-73f9e74a-1c2d-5408-7c31-b11ae59682f8.DZtf7e0KKAasuv3Kfl2TyVlEH9uOKYOWK%2Bu8OwUiLdg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-73f9e74a-1c2d-5408-7c31-b11ae59682f8.DZtf7e0KKAasuv3Kfl2TyVlEH9uOKYOWK%2Bu8OwUiLdg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ac_nnShwtVAh8MbEa5ZaC-C0M3qw.hnPB%2FZtPs9Ajx4t%2Fsr3rIBoJ4MPGdcjdDKvIR0IbLCs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ac_nnShwtVAh8MbEa5ZaC-C0M3qw.hnPB%2FZtPs9Ajx4t%2Fsr3rIBoJ4MPGdcjdDKvIR0IbLCs
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFfmwgzuAmxxYy8b38bHMACRSyK88MyT8gOkF33LZF7TEHwYBCDKkvynBjABOgTwi70wQgQD5Dnc.wrvotilsNzvchNnBMX0iETaAr17fux3VKMVGKyh1XBo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFfmwgzuAmxxYy8b38bHMACRSyK88MyT8gOkF33LZF7TEHwYBCDKkvynBjABOgTwi70wQgQD5Dnc.wrvotilsNzvchNnBMX0iETaAr17fux3VKMVGKyh1XBo
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpAxF1yIKn4wVqbBgMWySGKnddJL2ro258TPtXzgn8vBO+yhFeZk1BDoE2BbxUEbdUhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.us.ck-ie.com/ Name: CID
Value: 6bd911faa366cb0f3ef9278196a4e9d0b89a13e8
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3021665372246275692&KRTB&23150-3021665372246275692
.servenobid.com/ Name: pid_323
Value: LMEV8M4R-1U-JSRL
.audrte.com/ Name: arcki2
Value: a5aDGHa60fIRoqEoyJP9tg6zQ!20220908!1694435658546!ip#45.12.222.172
.audrte.com/ Name: arcki2_pubmatic
Value: 53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1!20220908!1694435658549
.socdm.com/ Name: SOC
Value: ZP8JSsCo5tAAALhaufgAAAAA
.sitescout.com/ Name: ssi
Value: c77113ac-87f2-409b-8e20-bd9869d8554d#1694435658638
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NDQzNTY1ODY2OX0
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-c77113ac-87f2-409b-8e20-bd9869d8554d-64ff094a-4348&KRTB&23418-c77113ac-87f2-409b-8e20-bd9869d8554d-64ff094a-4348
.audrte.com/ Name: arcki2_ddp2
Value: a5aDGHa60fIRoqEoyJP9tg6zQ!20220908!1694435658712
.audrte.com/ Name: arcki2_adform
Value: 3967674464741924942!20220908!1694435658877
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 08ac9396-bbfc-52fe-9732-98e0f3cd91ab
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZP8JSwAF66Dd0E4ifOLd9PupLMFgYXv-Z4wbHw==
.smilewanted.com/ Name: sw_user_params_infos
Value: JBJf920FPA8rvfmAY%2FEjIFm8h3WCZsk3bhFeAeIYeY6kdz%2F%2BkvdS%2FDu3OVejZRtBfR6ZydVED5XVCvAJXyJEcLgrkk%2B%2B5iulXw2i%2Fu2c7JRhw36YOVdx1IWIU7168QQzx%2Ff7RDiBs%2B3J3i4I61SvOwAxC1Th29JQwtZ8%2BTnWeBRENkQtGmQ8qsCuor5x0VQOiusdy6pyRxuSGkSQBmcoUwvfW32F7KE8LFiUBtDBzrV4costt4CWxGUruhDz7QTBxmnMQLY2PS%2F262adEPfdynncZEfFTH4Q0o4lRSTKFYSXtkbYB66ZhD46ZpjY5vh8sN0t0exopOQMU2yH%2FQ0%2BdQP9YngWl%2FAji%2F9VmsZP1utwJP3zcyyEdjbcmhf%2FmBRvO0CaOslGdAyvoZJWlJUVtKNeJ8rZvSGPPICUYZo5kIdKnl2XQ9j8vDQddq6mmBBYlM6aMsf0n6T%2BAdrVeKJbp17cC%2FXHqo0mFRWMEgbsOxs%3D
.pubmatic.com/ Name: SPugT
Value: 1694435659
.pubmatic.com/ Name: DPSync3
Value: 1695600000%3A201_245_241_235_227_226_219_197
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 10
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1695254400%3A63%7C1695686400%3A35%7C1695600000%3A13_238_176_243_21_71_3_56_46_249_234_233_55_214_88_251_8_54_264_22_165_166_204_220_81_161_254%7C1699574400%3A69%7C1694995200%3A2_15_223%7C1696982400%3A203
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5233787502523251788&KRTB&23339-5233787502523251788
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmliYmxqZmZoaGp6ShzONzW3NDMHANzO7_IgAAAA
.adfarm1.adition.com/ Name: UserID1
Value: 7277545749176252559
.zeotap.com/ Name: zc
Value: 62de7bc1-0a00-4bcd-419e-a899a2e0b775
.onaudience.com/ Name: cookie
Value: ec949265eef87fdc
.onaudience.com/ Name: done_redirects219
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588526324084040
.csync.loopme.me/ Name: viewer_token
Value: 05896702-bb58-468f-ad8c-3d1289ea2764
.ctnsnet.com/ Name: cid_e9ed9b45c8ad4e95a3471b971118942c
Value: 1
.adx.opera.com/ Name: UID
Value: OPU75d3fb94fc184e0e8f41c19f04ab1166
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7277545749176252559&KRTB&23369-7277545749176252559
ads.playground.xyz/ Name: connect.sid
Value: s%3AFKM81IADNE8PQDP8SHwPr3yxOCF_4Czd.%2BN4I32RZBYdxOLh4dmrYgTTm8a6fCtatFu195A4bylk
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23334-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23417-c_nnShwtVAh8MbEa5ZaC-C0M3qw&KRTB&23426-c_nnShwtVAh8MbEa5ZaC-C0M3qw
.zeotap.com/ Name: zsc
Value: %95%16w75%2A%CA%C1%1FH%E69%9C%FF4%1B%5B%D1v+%AD%2A%D3%F7%C9%E1%1F%F5%26%1E%E2%B9%A6%A6%BC%25%B7%3A%C5%CE%01%E8%A5%0B%7FLI%B6%3C%BFh%D7%83%00%A74%85%23%DE%BD%CD0%01%5E%0C%AA%EA%23%AD%05%BC%BC%97%28%5E%13%AEJ-L%3D%F4%ED
.semasio.net/ Name: SEUNCY
Value: CABB9B01DBED1E1E
.de17a.com/ Name: guid
Value: 1.557907400668329831
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23413-53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1&KRTB&23505-53BC0C8B-6C9E-42B6-8F3B-DFDEDFA20CB1
.tribalfusion.com/ Name: ANON_ID
Value: aknwYStlix98qyTAZaVq6grjuhe9OJ14FGT9gdO4GJWwqQlOqKZcxT2BUm3qPdu3UaEAs7rVqGd3dIN2X1tf2ZcuJooFgpd79oe10AWIFWZaFr5fac3KHKTMBDyUZddBv
.bidr.io/ Name: bito
Value: AAEFjU7J_hMAACWcZkVqLg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-557907400668329831
.onaudience.com/ Name: done_redirects104
Value: 1
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1msv|7dN.0.AAEFjU7J_hMAACWcZkVqLg|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-kODCF8PznjRWRXUVnnMSTMQj
.smartadserver.com/ Name: csync
Value: 117:313c806812dd1064840e01e9d6644e4a|127:AAEFjU7J_hMAACWcZkVqLg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEFjU7J_hMAACWcZkVqLg
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU75d3fb94fc184e0e8f41c19f04ab1166&KRTB&23485-OPU75d3fb94fc184e0e8f41c19f04ab1166&KRTB&23524-OPU75d3fb94fc184e0e8f41c19f04ab1166
.gammaplatform.com/ Name: _aGeoIp
Value: JP|Hiroshima
.gammaplatform.com/ Name: _aUID
Value: o28wl4nm9rjs
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-o28wl4nm9rjs&KRTB&23446-o28wl4nm9rjs&KRTB&23465-o28wl4nm9rjs
.pubmatic.com/ Name: PugT
Value: 1694435661

33 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/8394544561144e0503acd2d50a4b0931.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1add04a6fe476698cd73325251b15f1e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d0d50f2eef588c4b9a433f26592537f2.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/88f470df1c544a47fa7d12d30ab7d883.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d78d08ed78dfb3d8bc7ee7433bb5fa9d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0536e31da02df323003e02f68b69bfe7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2a7161d2f157c7a8ec00d078b00b1d89.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/f69c8bfe947b1bc3984872f5c92016b7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2220e2c3ede1d25530f042fd31a6f726.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/12d9663745c4581d70256aaabb2268e6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4a314cb55d2d5974176462a38409bb28.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8025df046afa88b34db69816e27377e0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/5931caa0994aae64008d8f18ad864d71.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/21b2dd4831e86c96fdc3bd9e72b962b4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ef5ab6562b0a05e563f9c64dc511050a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/aff4ed067fc9d4a6b0c925b4148644ff.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5e6c68a457e7945f6603ac5ebb31381c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b6a233fb1069223c040fd5946ca18bf3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ec7df35cbdd3110c95d48e18cc80a375.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4b8828759f8f622bd604225092ff65d4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/535ee60ad8d855408997af3c7ee3b89c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7937c34a45aa6905c07e45a6c1d917ac.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9a7d61c717966dc5601e5d5e77d53693.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EveGllLXlhbi1mdS1iaW5nLXNoaS1xaS1rb25nLXN1LXlpLXNoaS15YW8tdHVpLXhpdS1iaS16aHVhbi16aGVuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security error URL: https://19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7132700366679474911/index.html".
network error URL: https://idsync.rlcdn.com/474599.gif?partner_uid=dda1694e-37ca-4de0-b5a1-6d30c645324e_ch&cv=&_t=1694435655792
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 484)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://www.bg3.co/a/xie-yan-fu-bing-shi-qi-kong-su-yi-shi-yao-tui-xiu-bi-zhuan-zhen.html
Message:
The resource https://d-7592421742405036487.ampproject.net/2308242321000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

104ebd0ebba7900dd8a9c965df094f7f.safeframe.googlesyndication.com
19be587d143de049fa82e13b2a9ca414.safeframe.googlesyndication.com
5f46b4dda7d494b425316c7180c2bfe6.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
adx3.adform.net
amp.analytics-debugger.com
ap.lijit.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
cat.fr3.eu.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d-7592421742405036487.ampproject.net
d.adroll.com
d5p.de17a.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
ib.adnxs.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s8t.teads.tv
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
studio-t.teads.tv
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.aralego.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.springserve.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t.teads.tv
tags.bluekai.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
visitor.omnitagjs.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
match.adsby.bidtheatre.com
static.bg3.co
sync.adotmob.com
103.231.174.251
104.18.38.76
104.20.219.77
104.22.69.131
104.75.89.75
104.79.89.16
108.129.25.174
13.32.99.50
141.226.228.48
141.94.171.214
141.94.171.215
141.94.242.206
142.250.181.226
142.250.185.130
147.75.84.158
151.101.1.44
151.101.129.44
151.101.193.108
151.101.66.49
152.199.21.70
154.59.122.79
162.55.236.225
172.64.148.101
175.110.113.208
175.110.113.216
178.250.1.11
178.250.1.9
178.250.7.9
18.193.230.43
18.198.69.109
18.203.183.215
184.30.20.22
185.106.33.48
185.184.8.90
185.255.84.151
185.255.84.152
185.64.190.80
185.64.190.81
185.84.60.20
185.86.138.150
185.86.139.104
188.42.34.65
190.2.150.144
192.96.203.13
193.0.160.131
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
198.47.127.205
2.18.160.23
2.18.161.51
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
202.241.208.54
208.93.169.131
209.191.163.209
213.155.156.168
216.52.2.16
23.201.255.110
23.35.236.201
23.88.86.2
23.97.225.52
2404:6800:4002:816::2003
2600:1f18:24e6:b901:6050:e3cc:2cea:ee57
2600:9000:20ab:3800:6:44e3:f8c0:93a1
2600:9000:211e:9600:1b:5138:8a40:93a1
2600:9000:223f:8400:1f:4c18:bd40:93a1
2602:803:c003:200::43
2606:4700:10::ac43:db6
2606:4700:20::ac43:47fe
2606:4700:20::ac43:4a81
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700:e6::ac40:c526
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9b
2a02:2638:3::10
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::11
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::a
2a02:2638:d::c
2a02:26f0:480:f::213:7ede
2a02:fa8:8806:16::1400
2a05:d018:cc3:fe05:3a22:211:eb82:9c6b
2a05:d018:d29:3601:970f:dde0:5c57:1e8b
3.120.226.29
3.124.92.220
3.234.116.116
3.33.220.150
3.71.149.231
3.77.247.132
3.78.196.102
31.172.81.172
34.102.163.6
34.102.253.54
34.107.148.139
34.111.129.221
34.247.233.198
34.249.177.138
34.95.81.168
34.98.64.218
35.186.154.107
35.186.193.173
35.204.158.49
35.210.239.72
35.214.209.65
35.227.252.103
35.244.174.68
37.157.3.20
37.157.5.84
37.252.173.215
38.91.45.7
44.199.97.70
44.206.88.126
46.228.174.117
51.75.86.98
52.0.248.85
52.213.151.23
52.31.253.130
52.46.130.91
52.51.73.145
54.154.20.43
54.155.169.152
54.167.186.89
54.38.197.123
54.77.46.237
54.77.82.203
63.251.232.170
63.35.57.217
64.202.112.127
67.220.226.234
69.166.1.35
69.173.144.137
69.173.144.138
69.173.144.139
69.192.160.219
70.42.32.191
76.223.111.18
77.243.51.122
77.245.57.72
8.2.108.194
8.2.110.24
8.43.72.98
80.77.87.161
82.145.213.8
85.114.159.93
95.101.149.233
95.101.54.235
98.98.134.242
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029bdff55dd57172035b8fffea0b4ec78250a925ecef0011b8369da909e8ee47
033718a2aa071240f6adb758d23ca70c8be35d1b2e94fa7c954e3fea0f784214
03980ff5b77ec2cd9220085ed6ddab54282db4c8cb7081702efe5a6371290ae8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06cad48c2acc8db6b29fb6d99765a9bc5bfa6d61ea4690a484612cd4d4265e3c
080a3460248357fbb435bae35f0527d425228119315f9d5f65a2a9b2dde3bddc
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0845d35dab5cf9b981e0f96077526e9b478eca319516792ceeaa735d98d86c02
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
09d2dfbc937e5c41c620074fc038508bca477d4b8874de9552c7503bfd8cec5e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0ee93fafcad50b2f452b880a2cae07d2816d312e560207ada13312b0bd771acc
133faba4c8e39ef75f5ddb4ad69bad8fdeb17f194b37864c26fbdd37adfcd7dd
138625f595068cf9e2029e0a671fa322727c326935c09177fa95af0cacf17a49
15340b82f698f3c468515a97dbbe8a4004a9edafa4c29408919b809d8d0b48fe
1717d1affadf020e2959dd0b4358cf86bc8efe105b42242256248ced40ed88bc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
1b4acc25c424b09c47ac70f9c121ebb73deb5e3dbdcdcf96c00399d79fdd1b34
1bc1c7800cbcc074e2856050c3f00058326a8fd7facb6fb363f9d5233b91caac
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d7082e9253fc7753f8e457947872bbbae81919127a54d020a1427fd20cf5127
1e26bd82ae07435b9a20a604002ef675fb4e734df41b8381ae833368ba32be0b
1f623fbcd025dc4b793b7c0a9d7fd86376ce1dcca6c74a57e334829fa0405fe6
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21ca97669f2b009e6f2e26f17f09d995dbb18a1f6afe45131a2c6ccfe66484de
22e2ee38158caadd6a30d82785074ab9e9f87901e10fefda50dfbd4dd7bb73d3
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
25f9b84e74b6062dc2d1727a67efdd77013de311bcd0e5935ffb2560f10c03d5
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26d83a4a52389972e9fe31e51d4dcac339466a803c2033e84e3798891891aff9
283044cabced3f3b05b6da4851170917bce4acf47453176876732ed9806f1eee
29009306e563339178f58b0b5095eb91dcc0a9d203122e35ea73569e449f80e6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
351ad65d6e4c9a1d4787bbed0c943b941f3ed8c84c6938d5d1e2bd95eaad14e4
3533595de3c25abc6157218bbb4a802130742ed36b1dd8daf9c183dc0fc7230a
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
395faa0cafda34ba9ca0683c77b9f278c1c03069a9b5f7724cf51c33810b269c
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3b6228c8b0ca57f754c5044f9ac8a6dbb8ae04dbcd96f0daad569bcccbaabc
3a98517892b7d4c2822ccbf5ba94dc48bd74547adf954f1172975a87e358cbd2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b7b2a773ec223a34c95163b8105950e9815a4a726e7108837e56dc8cc40ac45
3ba7f40e2b4080979389e9b81e6d0ed155e9b7f74b3310bc1289ee70cba2035d
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40bfdc6effb9da68cff1dbfcc170bc9f062ae14d82d4dccd38ac0005fe7b40da
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
43f2ab6b587b79f7aa648b0200f42a65481c0db2f4ce6cdab291a9d29bb06f1d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454c6d9cf5018a51f584cb0ca628112d72f8df9ebd635b065f091b39a970be5e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5d46243a88cb80538a5566565e1370a3a0375aa1abdf39b3076089e534fbc3
4cc2cdf175e8d4af60917a984f30c313a32ffe85a9162d6529504af7eff23410
4d444190a7eae64f0b6865038484cf9ef00cd588b8cc83b0c9c40709254ae8e4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5026aec02fea15b7314300cf6269ef40756b0866cf1a39876a7ac688b71de6f0
5122c708c7c3b9670a5ebb4ee8f20ee2061a089456b3d808b955a213f6b5642b
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
54c950f15d3e51696296030af08a6a11dd0844ef0d6a4fcfac3e9372506b4581
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
58c008fd490fd9d7a14b3c416ee60338704e28b5ea228cea2263341363368939
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
5a4a0b2d357363e3c4dcc8cef8dbb67b273ba61bad258a84d298968055bdce42
5accc9a22df4c88cdf9020ba6f9337abd3cd788cdb0f30c29ebb27877e9712d1
5b118e1496dca781d14a6f7e0dee34cc5cdb3d5b78f26d77b54089da8dbe7a1c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d39fd91f927cf7efc1db80e425fa9547de4d23bfa0d32bbacf7e067773dffd8
5dd78f90f733b7a6d3808b55b1d8560772bc68f0b9b55af1052c4b3f441f0222
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fe1f319490542fde8daf7c62ca628c32f7206d06f7dd27471eb82946014ff9e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6596a3922cc32172b7a24b8bcb05dcb63aeda73ae6747768a574b2422cf760df
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b4c3fdf8e5853f997854c3c2fe788edc4c09019dde92417b2b6e91a8a457187
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e1802ceb852ade19f434f5821583a7c0bfcbd0d594e07328de4efc930f8c256
6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70
6fbe38425cb794a7cb47bc9259ed531b5975af24da1c7fc9679c96e5192ec4fa
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73256f4753d292da95856a2f391421b032b91ed9abe7f0964ada7a098ac16792
74309922b4df0c2c7a9e39e7ae9f742056458a1d18e9bc05b7902c9e699570de
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
7775ce60e8457f95afac3a696facf65693243b80c76d7b86c71785424e4767a2
77f35b9900910082f6ac05980e44068cf859f31a364fa54e1158f3501c4679b0
78cee030549a70495516a27e204f36c7b0b946324d1842487634dec78c863fc8
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
79f3eeb6f6e1770a10ac0cd9211978de22baf9b81f743ac6d8a3c593048e198f
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f13da8e761873121c3ee119fe3763eb299019bc6fadd0b2fb617c6557e99d1c
7f72778a618de493fe2f538cd70411f4b519fb511aac6dc7bb7e326531f32013
806aaa3d6a2171a9af44c62f60883f1704859e40ffef985e717db88fa093d26d
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834547203256db310a21bd6c541e05b13c741da4f7aec1c65e6d9d43f5eefef6
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
8438b6727d6b3cb537ab40fdd0b25a4078927c86888b020a02bd8edb3e3a96b6
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
850c7b2181c7009368f3917622104354545493c6b1a445623ef2d2c1f8dcc732
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5
8628c88637dd7936491735b4b49b51e5015222fe86f5ea5ae334fa22eca66c53
887f57c3953bee72a6bfa8ec7a0cb687c601ce99a16b08a42014d8521dc564ad
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55
9187146417c2af2c6469fcb4cccc46579fd23918c6743e2ba13e9e6d025f2a38
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92e497f0152ef60a1741b07a2a3630882a6e28770386aa1a68c5c07c2b23e656
93141b5b9b73f6534458bd5e5171890448842ecdcfea5301af7599243e1f9c0d
933904306040097fbbd5d463503bf2b932cbfe5bf93f873c1ddf77681517045f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9848fd9c8e8d1002001cd245c2218c1c51d6e0aa9f543a0163e19bf6899af172
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aabc95877405be6d241a9c2aac270eb9f0da56062d1cbc78c922eaf9004c8b5
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
9b8fb907c5fb5e5c1dbd483e15a293407065789bb4094b1707b70bd94040d70b
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9c777240007305de987170016f443e7911ea31a8d4e08814db5eefe46fca73ea
9f199f10481768fbdfa8bfd7d46bad0debdc50ff26c2ada4cbaa9048162a3d5b
9fc5f6350a6f92431733fff87bca2fdf3bc2edd81df186f361fb37716f141a26
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a11a0e3f3d72fb3cc58ab15a8c7339dc909575a81d970bbe69999a5214feb615
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a393eaa516a10f13683c525f9dae11592c60e2004a9b056fe3499c886db187b4
a3aca8af72189114056225945936badf3dcc8c9d0752f5111170529cdd801c84
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4af9abc3fa88d52e95d283bed70947d365a53d40ce5dc6eca3c3db355480783
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8fcae3fa47ff8a814a8a89d6fcd7851fbf9d817ed2c15279dd9bd515f7d711c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac9d0828f96c638e8ea47891966612b14773f311f3e9bfc0ef3f02437891e7d3
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1aec371e50cb6ae5417c2c38e07b2799277349de05c913717ff1eaa6ca50168
b1cf9638e3196b95852ed6d2d8dc3ee05fd457c99bb41b03062e38fed5ed2547
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b85377882900eda490f8f0958453388a21ba8d101e2193e7e540a40e1ecf031e
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
b9f4e2271452dabdf81f1d45271f5146fed6eb9549cff3a436f059d3b343a8b9
ba740aefe7f14be0d4f56e62d1d0492e4696f499e5972cf73cf527c614be19e5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbae06f57e958696497b6ed11a85970c147d4c349d3080487b219d962b47b309
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bda4c3576652ddbd1d5ae3fc9bf1e960d2a87a15f8780443d8029db45e005bbe
c0525eeaa4015b760da768e26f5df26324bb2759e9fcd10b72fe1e84e0db2881
c1046a7b5f56b3c23e1162005cfc50b1f0af39546ed1f194f63a1613acf2dea4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c2e108b13f9db2acc5baf4873111d47587fcfc08fac49592a736d7846993ff25
c422945f8889365957851e4719699bfcaf357d50e3091beddc0819f76100ae9c
c52d31a2b13d7026c00ef7d99c26cb134e9beb46339c0b80a1664f299e785732
c8f05ce8e9e55e7ed5cc5fb1e23b601e3420086b65e8e6d561bc2b54abe09dfe
ca3e6fa3507a8a74f0619f6a77ec0839c05c4d7195393bea5e53f329ddd9b50f
ca49d02e216f0f2795283ba0c6d375676c682eb1f232cb94c1113a319377d230
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05aa2ea0675c74115cc350a26bb3ffd70269806390adf8fca0385f292aac1f2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
d592777a6d54b69a8e48ad9ef2b7abeb4c3fec5e8d88935956423d3dc8f069b8
d68cebc954d5960fba081e29d978407b2557ddff0d6373feb7d28da17f7cfb17
dae0b88c1732815e47cb0d2d0d7e270b9225d316216ee4ba20ab74eea6d8525c
de025bc75a330e6d74e088090a9933cb795259ff5501bbe07c4aba7ed7588f00
df73dbd6faa1466097426eedc7525c9fc1d5267245741ae3a04f7f8787f3c853
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2b2b9125d11f0e26ab246c5f82d9a181e99441c4a6172b0a8a035070dd07da1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e554893a505573c13f0352ccbcb540e4c86d6227cd4d2ff6777daae526419da3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e93384474e15b7a6181c78296f972d828c1d15862cf09ee9fcf783906fad1528
e99293bec7097e1d648165f751e353a81786c3e7cc7d34c33736c1d498375486
ead11bbf7f0e7230c63549eef766ad22f689dbda649ad51cf388c02ca1856eb5
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ec3fe5ace4b7515865cc68ebeca4e93f9580d474e5705eff6df0ca6fc276e8e6
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eef130cd4b5772a252c5c9feda8c7910b5e1e52cfa27887886043ab266421fc6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd960956aea12e71501815f5943601d5ed9baddabfb94e1d07ddaaddc3ada82
efe1978a364bdec200bc125dabba51d891794514c733e52bae2d55be674e192a
efe5618fb3fa15baa94fd206744bba32f133f32ee5a81a1b67e2da6657311006
f549f5c3d5b80e94a9d2c447050f666dca0211f5f793db60f35984194cc1b8e9
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6e673f4d4e0b867662115384ef15fad415a522bb2a85684bb9c2b411a1d1efe
f7688f39110658a71414733eba35c1e7aabe50becd0e3ed9bf500703ef5808c9
f7ff7c158ee343aea556ad458d5eccde7258f83904e6f6213fdb8f822d132061
f86a8291e8d7ff29f1c4694e6c501ebdb003c609a1f87816a8fac084bf5c1915
fc02820c70407aa60fd7b6a413da60eba9445bacd0932414bba89404cdd2cdc9
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff17b8630719315504de11eb21395948b10ae7bcf47c361f27bdce55472eb763
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0